General
-
Target
3320f11728458d01eef62e10e48897ec1c2277c1fe1aa2d471a16b4dccfc1207
-
Size
100KB
-
Sample
201014-rq1z9pa6ye
-
MD5
8752a7a052ba75239b86b0da1d483dd7
-
SHA1
6eeef883d209d02a05ae9e6a2f37c6cbf69f4d89
-
SHA256
3320f11728458d01eef62e10e48897ec1c2277c1fe1aa2d471a16b4dccfc1207
-
SHA512
57d19e9254ecaeaf301e11598c88b1440f3f85baf0cb8d7a0ac952cd6d63f565df9809b13f50a059302bfb0f81a5c498e49837e2e9480ec9b51c14a409fbdb65
Static task
static1
Behavioral task
behavioral1
Sample
3320f11728458d01eef62e10e48897ec1c2277c1fe1aa2d471a16b4dccfc1207.exe
Resource
win7v200722
Behavioral task
behavioral2
Sample
3320f11728458d01eef62e10e48897ec1c2277c1fe1aa2d471a16b4dccfc1207.exe
Resource
win10
Malware Config
Extracted
C:\ClopReadMe.txt
clop
Targets
-
-
Target
3320f11728458d01eef62e10e48897ec1c2277c1fe1aa2d471a16b4dccfc1207
-
Size
100KB
-
MD5
8752a7a052ba75239b86b0da1d483dd7
-
SHA1
6eeef883d209d02a05ae9e6a2f37c6cbf69f4d89
-
SHA256
3320f11728458d01eef62e10e48897ec1c2277c1fe1aa2d471a16b4dccfc1207
-
SHA512
57d19e9254ecaeaf301e11598c88b1440f3f85baf0cb8d7a0ac952cd6d63f565df9809b13f50a059302bfb0f81a5c498e49837e2e9480ec9b51c14a409fbdb65
Score10/10-
Clop
Ransomware discovered in early 2019 which has been actively developed since release.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-