clop | d822ef82f0a6a0de05750a2761a4f112e862684534a2f3b233b0e493122c5e26 | Triage

Sharing

General

Target

JaffaCakes118_aea860f6f455c823503414fee11366e8
Size

52KB
Sample

250206-x7eycsvja1
MD5

aea860f6f455c823503414fee11366e8
SHA1

7de5339885939529d76c138217726c1f39723167
SHA256

d822ef82f0a6a0de05750a2761a4f112e862684534a2f3b233b0e493122c5e26
SHA512

dac6cc6d215069a4a5b5c9dd68f9d5eb80b1482e4a2dfc4bbdc7f44656ad343fb379d5fdf64d28d4526770d30d18278c0013f753eb33dd28aed5719936cc1b5b
SSDEEP

1536:cvAfsckgoGUx0fdCEQE2Dy+vJ+zJqsSq9Hne:cvA1sxECEQEkvJ4DSWHne

Score

10^/10

clop discovery ransomware

Malware Config

Targets

- Target
  
  JaffaCakes118_aea860f6f455c823503414fee11366e8
- Size
  
  52KB
- MD5
  
  aea860f6f455c823503414fee11366e8
- SHA1
  
  7de5339885939529d76c138217726c1f39723167
- SHA256
  
  d822ef82f0a6a0de05750a2761a4f112e862684534a2f3b233b0e493122c5e26
- SHA512
  
  dac6cc6d215069a4a5b5c9dd68f9d5eb80b1482e4a2dfc4bbdc7f44656ad343fb379d5fdf64d28d4526770d30d18278c0013f753eb33dd28aed5719936cc1b5b
- SSDEEP
  
  1536:cvAfsckgoGUx0fdCEQE2Dy+vJ+zJqsSq9Hne:cvA1sxECEQEkvJ4DSWHne
Score

10^/10

clop discovery ransomware
- Clop family
  clop
- clop
  Ransomware discovered in early 2019 which has been actively developed since release.
  ransomware clop
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

clopdiscoveryransomware

behavioral2

clopdiscoveryransomware