Author: TALON (BLKSMTH, HOTSAUCE)

Date: 2020-11-23

Executive Summary


Distribution


Analysis of Clop Ransomware (#01)


1) Basic Properties (#01, Marker for Relation Analysis)

MD5 : 8b6c413e2539823ef8f8b85900d19724 SHA-1 : 2d92a9ec1091cb801ff86403374594c74210cd44 SHA-256 : 3d94c4a92382c5c45062d8ea0517be4011be8ba42e9c9a614a99327d0ebdf05b Type : Win32 EXE (PE32 executable for MS Windows (GUI) Intel 80386 32-bit) Build Time : 2020-11-20 18:18:18

2) Malware Behaviour

Full execution flow of Clop ransomware

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/02400b9f-b864-4b50-b4b8-cecf8e67c0ba/Untitled.png