General
-
Target
328252b9e55775ba66c44b45974d1e2e4f18540d31ac7d06054e42c0f1c56265
-
Size
1.9MB
-
Sample
220620-g7rzxshacm
-
MD5
82ec6b7ef5830a1bbf2e0339f58d588c
-
SHA1
9141f592a1571d5f88850b46aa8a8219a57c42fd
-
SHA256
328252b9e55775ba66c44b45974d1e2e4f18540d31ac7d06054e42c0f1c56265
-
SHA512
c84a2bdc1c2ec085b2f15a92e1959829aff0229217c00ca658ddab057736a81eb998a4cb76addddbc62f22df964a1d37696c7bed0b302d5c3f65d9812ce401c9
Static task
static1
Behavioral task
behavioral1
Sample
328252b9e55775ba66c44b45974d1e2e4f18540d31ac7d06054e42c0f1c56265.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
328252b9e55775ba66c44b45974d1e2e4f18540d31ac7d06054e42c0f1c56265.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
10/10
-
Clop
Ransomware discovered in early 2019 which has been actively developed since release.
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Drops file in System32 directory
-