General

  • Target: 328252b9e55775ba66c44b45974d1e2e4f18540d31ac7d06054e42c0f1c56265
  • Size: 1.9MB
  • Sample: 220620-g7rzxshacm
  • MD5: 82ec6b7ef5830a1bbf2e0339f58d588c
  • SHA1: 9141f592a1571d5f88850b46aa8a8219a57c42fd
  • SHA256: 328252b9e55775ba66c44b45974d1e2e4f18540d31ac7d06054e42c0f1c56265
  • SHA512: c84a2bdc1c2ec085b2f15a92e1959829aff0229217c00ca658ddab057736a81eb998a4cb76addddbc62f22df964a1d37696c7bed0b302d5c3f65d9812ce401c9

Score
10/10

Malware Config

Targets

    • Clop

      Ransomware discovered in early 2019 that has been actively developed since its release.

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read from the registry in order to detect sandbox environments.

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks