New Laplas Clipper Distributed via SmokeLoader
Tags
cmtmf-attack-pattern: Application Layer Protocol Masquerading Process Injection Scheduled Task/Job
country: Netherlands Italy
maec-delivery-vectors: Watering Hole
attack-pattern: Data Application Layer Protocol - T1437; Clipboard Data - T1414; Credentials - T1589.001; Disable Or Modify Tools - T1562.001; Disable Or Modify Tools - T1629.003; Dll Side-Loading - T1574.002; Exploitation For Client Execution - T1658; File Deletion - T1070.004; File Deletion - T1630.002; Hidden Files And Directories - T1564.001; Hide Artifacts - T1564; Hijack Execution Flow - T1574; Impair Defenses - T1562; Ingress Tool Transfer - T1544; Malware - T1587.001; Malware - T1588.001; Masquerading - T1655; Process Discovery - T1424; System Information Discovery - T1426; Non-Standard Port - T1509; Non-Standard Port - T1571; Phishing - T1660; Phishing - T1566; Process Injection - T1631; Scheduled Task/Job - T1603; Security Software Discovery - T1418.001; Security Software Discovery - T1518.001; Server - T1583.004; Server - T1584.004; Software - T1592.002; Software Discovery - T1518; Software Packing - T1027.002; Software Packing - T1406.002; Virtualization/Sandbox Evasion - T1497; Tool - T1588.002; Virtualization/Sandbox Evasion - T1633; Standard Application Layer Protocol - T1071; Clipboard Data - T1115; Connection Proxy - T1090; Dll Side-Loading - T1073; Exploitation For Client Execution - T1203; File Deletion - T1107; Hidden Files And Directories - T1158; Indicator Removal On Host - T1070; Remote File Copy - T1105; Masquerading - T1036; Obfuscated Files Or Information - T1027; Process Discovery - T1057; Process Injection - T1055; Scheduled Task - T1053; Security Software Discovery - T1063; Software Packing - T1045; System Information Discovery - T1082; User Execution - T1204; Masquerading User Execution
Common Information
Type Value
UUID 2df06b12-d0c5-49b8-8b34-d924e372d28e
Fingerprint 863c3a90ade3b60d
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 2, 2022, midnight
Added to db Oct. 24, 2023, 1:35 p.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline New Laplas Clipper Distributed via SmokeLoader
Title New Laplas Clipper Distributed via SmokeLoader
Detected Hints/Tags/Attributes 109/4/222
Attributes
Details Type #Events CTI Value
Details Domain 9
raccoon.ic3.gov
Details Domain 56
vb.net
Details Domain 41
steamcommunity.com
Details Domain 5
clipper.guru
Details File 1260
explorer.exe
Details File 22
build.exe
Details File 2126
cmd.exe
Details IPv4 1
45.83.122.33
Details MITRE ATT&CK Techniques 420
T1204
Details MITRE ATT&CK Techniques 245
T1203
Details MITRE ATT&CK Techniques 480
T1053
Details MITRE ATT&CK Techniques 440
T1055
Details MITRE ATT&CK Techniques 164
T1574
Details MITRE ATT&CK Techniques 627
T1027
Details MITRE ATT&CK Techniques 235
T1562
Details MITRE ATT&CK Techniques 238
T1497
Details MITRE ATT&CK Techniques 348
T1036
Details MITRE ATT&CK Techniques 247
T1070
Details MITRE ATT&CK Techniques 107
T1564
Details MITRE ATT&CK Techniques 433
T1057
Details MITRE ATT&CK Techniques 1006
T1082
Details MITRE ATT&CK Techniques 185
T1518
Details MITRE ATT&CK Techniques 444
T1071
Details MITRE ATT&CK Techniques 492
T1105
Details MITRE ATT&CK Techniques 115
T1571
Details Url 1
http://45.83.122.33/admin/wevtutil.exe
Details Url 1
http://45.83.122.33/admin/microsoft.appv.appvclientwmi.exe
Details Url 1
http://45.83.122.33/admin/avicap32.exe
Details Url 1
http://clipper.guru/bot/regex?key=afc950a4a18fd71c9d7be4c460e4cb77d0bcf29a49d097e4e739c17c332c3a34
Details Url 1
http://clipper.guru/bot/online?guid=desktop
Details Url 1
http://clipper.guru/bot/get?address=0x5b28638188d7d9be3cafe4eb72d978a909a70466&key=afc950a4a18fd71c9d7be4c460e4cb77d0bcf29a49d097e4e739c17c332c3a34