Extracted

• • Target

    aaa4f5bb1bd81db677b21938b03b0cd282c200a9cd0d82ef85c83805c9e8e66f

  • Size

    104KB

  • MD5

    6309c828dcf6b2aec630c1e9ce1887da

  • SHA1

    56f3b13f5b6e9f00f41cca172a68c2b0e3d6d478

  • SHA256

    aaa4f5bb1bd81db677b21938b03b0cd282c200a9cd0d82ef85c83805c9e8e66f

  • SHA512

    8b215a631b0074e034df20dcea19613e71c8b2ae7f8f1f34635af2842c316d98e97adb7be52dc8c7091ba27ee82430805214495c06a1fbdd42de8dfa40851b0b

  Score

  10^/10

  ransomwareclop

  • Clop

    Ransomware discovered in early 2019 which has been actively developed since release.

    ransomwareclop

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops desktop.ini file(s)

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2