General
-
Target
9d0026a17b1bd281baf4cda8f6c7e52b9ed2edd180f8e3b85703931c50f11453
-
Size
320KB
-
Sample
230730-hrd9kagd75
-
MD5
cb7786ac2d9c0b586ccbe12b3bc32693
-
SHA1
4d40f8743c194671a96211ee6b4c751a4bf50871
-
SHA256
9d0026a17b1bd281baf4cda8f6c7e52b9ed2edd180f8e3b85703931c50f11453
-
SHA512
cee77848b9bed772e32aca5009ebde34bf1ef1ad62197630a20d9c9de3905e09881a9dc639bd56bc44f499815ed92cbc93d254423793f7bec58a4ff2e42a593e
-
SSDEEP
6144:Vk1F9vhVI8vzPW2t1BOGu1CuDq1hzF0r2Z:VeF9jI8vzPnt7YCF0SZ
Static task
static1
Behavioral task
behavioral1
Sample
9d0026a17b1bd281baf4cda8f6c7e52b9ed2edd180f8e3b85703931c50f11453.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
9d0026a17b1bd281baf4cda8f6c7e52b9ed2edd180f8e3b85703931c50f11453.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
9d0026a17b1bd281baf4cda8f6c7e52b9ed2edd180f8e3b85703931c50f11453
Score 10/10
-
Clop
Ransomware discovered in early 2019 which has been actively developed since release.
-
Renames multiple (148) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (173) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-