General
-
Target
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.sample
-
Size
235KB
-
Sample
220801-j625lsfeck
-
MD5
c41a0e1ddeb85b6326a3dc403a5fd0fa
-
SHA1
3c8e60ce5ff0cb21be39d1176d1056f9ef9438fa
-
SHA256
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9
-
SHA512
2e380295fe24b54e04699a43f4b124501f4b25ca356857b7a137718f1904dd60c3d7f40cea11063acbf15f5db85712d94a4572b8729d7cdc20ae9de9ace1882a
Static task
static1
Behavioral task
behavioral1
Sample
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.exe
Resource
win10-20220718-en
Behavioral task
behavioral2
Sample
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.exe
Resource
win10v2004-20220721-en
Malware Config
Extracted
C:\ClopReadMe.txt
clop
Targets
-
-
Target
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.sample
-
Size
235KB
-
MD5
c41a0e1ddeb85b6326a3dc403a5fd0fa
-
SHA1
3c8e60ce5ff0cb21be39d1176d1056f9ef9438fa
-
SHA256
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9
-
SHA512
2e380295fe24b54e04699a43f4b124501f4b25ca356857b7a137718f1904dd60c3d7f40cea11063acbf15f5db85712d94a4572b8729d7cdc20ae9de9ace1882a
Score10/10-
Clop
Ransomware discovered in early 2019 which has been actively developed since release.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-