clop | 3c40ecf9dbc3d4ca1e3afa06cd9a9cfd22041cca117a4d767afc03dececc59a0

General

Target

Cl0pRansomware.7z
Size

5.2MB
Sample

250329-nhzrsstm17
MD5

8bdbdf89f41e42e658a4c849aaa2f3b0
SHA1

23614a30b1216592e26aeeb8b171454788e07567
SHA256

3c40ecf9dbc3d4ca1e3afa06cd9a9cfd22041cca117a4d767afc03dececc59a0
SHA512

c88a5d12f7856df4dd7a7cd171f966e49b388217a91b7beb29f7f6403cab1fe9a72efbeef579e6e94f164d4cc2d66f28d2d848b10bf447b85d2d6d0b89db4324
SSDEEP

98304:VvdpQqz2yi2bDNdeWH4Gny4PfQOOv5d6hYqOFcWgP64tdcYBu/Q5UDyA1dvj6ugB:Vv7Q824PNdd5XHub/GWotSYu/OA1dv2t

Score

10^/10

clop discovery

Malware Config

Extracted

Family

clop

Ransom Note

___ Universidad de La Salle ___ === DO NOT ATTEMPT TO RESTORE OR MOVE THE FILES YOURSELF. THIS MAY DESTROY THEM === Here are some of the files we downloaded from your network: \\172.19.20.216\C$\Users\ruthrodriguezez \\172.19.0.25\Secretaria General Docs \\172.19.15.59\C$\Users\sarangel If you refuse to cooperate, all data will be published for free download on our portal: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/ -> TOR browser CONTACT US BY EMAIL-> [email protected] or [email protected] OR WRITE TO THE CHAT AT-> http://6v4q5w7di74grj2vtmikzgx2tnq5eagyg2cubpcnqrvvee2ijpmprzqd.onion/remote0/93868e77-1331-411a-9643-dc9ad26a5095?secret=lasalle (use TOR browser)

Targets

- Target
  
  46cd508b7e77bb2c1d47f7fef0042a13c516f8163f9373ef9dfac180131c65ed
- Size
  
  743KB
- MD5
  
  f59d2a3c925f331aae7437dd7ac1a7c8
- SHA1
  
  40b7b386c2c6944a6571c6dcfb23aaae026e8e82
- SHA256
  
  46cd508b7e77bb2c1d47f7fef0042a13c516f8163f9373ef9dfac180131c65ed
- SHA512
  
  04e0165e9b029b28c2d86659f99cb3d01246995fc4125548f68877c545daa20b36aa4824f59fc387a35a8390d6a1fe390812d38f9a3b545b61877df27d975ca5
- SSDEEP
  
  12288:srSPZ0yEmwXpaYcV9/H3a3jAX1lo+PJeyzOFHBBJJOi/9/AGrib4NufaWpMG8SJN:sGPKyhYp/u/H3ijALpPJmljl9/ATpMb8
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  c793a9225d799150538f058c886e2806083f6bc33813a3bd8231ab2775b7ec2f
- Size
  
  5.0MB
- MD5
  
  5e52f75d17c80dd104ce0da05fdfc362
- SHA1
  
  4fa2b95b7cde72ff81554cfbddc31bbf77530d4d
- SHA256
  
  c793a9225d799150538f058c886e2806083f6bc33813a3bd8231ab2775b7ec2f
- SHA512
  
  6d75cd2f18b6cf334b0369204ea97fdbb087965cc288747e928dc41f3f8bd2c8be714e052c5961321613730e065857aba1cf2e496c9dd36f014804b7cd555ab4
- SSDEEP
  
  98304:8eduYmzG0q6evE0yxVFJ4qXcnlYYIZ/ejG0iFHOMa4moju3BCsfRgr8TclfPOH:8eUYmzG0q6ec0yxVFJXXQlOZ/ejG0iFg
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  dd2f458a29b666bbfe5a5dbf6a36c906d0140e0ae15b599e8b4da1863e7e41ff
- Size
  
  5.9MB
- MD5
  
  4431b6302b7d5b1098a61469bdfca982
- SHA1
  
  ac71b646b0237b487c08478736b58f208a98eebf
- SHA256
  
  dd2f458a29b666bbfe5a5dbf6a36c906d0140e0ae15b599e8b4da1863e7e41ff
- SHA512
  
  94056808e6ea145952d8e446b0c5ab4d69618893b7e1b7b494750d4b2f8a9ea384464e73c16e9ed33b6e1c8da55889fffd90a092b541f9cc2011b386edb454bd
- SSDEEP
  
  98304:PwAMd/hmXCHBucSb33PswRXIlDuCaBf7DLCzP8qj7BK4uL8AzA6yaaVepr:PwAMd/hmXCHBucSz3PswRXIlcBf7DLCs
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6