LaplasClipper Malware Analysis from ANY.RUN: retrieving the config

DUBAI, UAE, July 24, 2023 /EINPresswire.com/ — ANY.RUN, a cybersecurity company developing an interactive sandbox analytical platform for malware researchers, presents the LaplasClipper Malware Analysis.

What is LaplasClipper malware?

LaplasClipper, as its name implies, is a clipper variant. Its primary malicious function is to monitor the user’s clipboard (T1115). Attackers typically use it to swap out cryptocurrency addresses with ones they control. When users paste the address into a wallet to transfer funds, it’s the attacker’s address that receives them.

Key points

ANY.RUN has dissected a fresh malware sample from the LaplasClipper family, developed on the .NET platform and obfuscated using Babel.

In the process of research, ANY.RUN has uncovered the sample’s internal settings, examined some techniques leveraged by the obfuscator to complicate the sample analysis, and outlined strategies to counter them.

ANY.RUN's findings provide a solid understanding of the fundamental principles of protective mechanisms on the .NET platform. It's critical to recognize that even the most complex protective methods rest on basic concepts, which are essential to understand and identify.

Read more with the code & script examples in the article at ANY.RUN.

Vlada Belousova
ANYRUN FZCO
2027889264