clop | eceebf67a9022adc559db57ef161df8c532d810c8bc5b8187338ff10cca472d1 | Triage

Resubmissions

17/03/2025, 03:22

250317-dw4ykaywhz 10

17/03/2025, 02:00

250317-cfczgawybw 10

Sharing

General

Target

JaffaCakes118_7c7dad601c488b31c1bd958296787b26
Size

55KB
Sample

250317-cfczgawybw
MD5

7c7dad601c488b31c1bd958296787b26
SHA1

7b6d039cfa14a6955f0386f2495be80c985c6f15
SHA256

eceebf67a9022adc559db57ef161df8c532d810c8bc5b8187338ff10cca472d1
SHA512

2ca2458699c952f06240d70d4cac485c4b90346fd9a62469b3151860757094a159a263d16f6e8adfb45060383fd94e5219e7506fc2a0fa725ae06f82e45b7add
SSDEEP

1536:yvAfsckgoGUx0fdCEQE2Dy+vJ+zJqsSq9HnA:yvA1sxECEQEkvJ4DSWHnA

Score

10^/10

clop discovery ransomware

Malware Config

Targets

- Target
  
  JaffaCakes118_7c7dad601c488b31c1bd958296787b26
- Size
  
  55KB
- MD5
  
  7c7dad601c488b31c1bd958296787b26
- SHA1
  
  7b6d039cfa14a6955f0386f2495be80c985c6f15
- SHA256
  
  eceebf67a9022adc559db57ef161df8c532d810c8bc5b8187338ff10cca472d1
- SHA512
  
  2ca2458699c952f06240d70d4cac485c4b90346fd9a62469b3151860757094a159a263d16f6e8adfb45060383fd94e5219e7506fc2a0fa725ae06f82e45b7add
- SSDEEP
  
  1536:yvAfsckgoGUx0fdCEQE2Dy+vJ+zJqsSq9HnA:yvA1sxECEQEkvJ4DSWHnA
Score

10^/10

clop discovery ransomware
- Clop family
  clop
- clop
  Ransomware discovered in early 2019 which has been actively developed since release.
  ransomware clop
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

clopdiscoveryransomware

behavioral2

clopdiscoveryransomware