CLOP Ransomware Is Distributed in Various Format - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007
Show in Graph
Common Information
Type Value
UUID 2360a035-9f30-482e-a25a-ac3c752421d9
Fingerprint a61da033159e27ce
Analysis status DONE
Considered CTI value 0
Text language
Published June 27, 2019, midnight
Added to db Sept. 11, 2022, 4:59 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline CLOP Ransomware Is Distributed in Various Format
Title CLOP Ransomware Is Distributed in Various Format - ASEC BLOG
Detected Hints/Tags/Attributes 30/2/22
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/en/17204/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
Attributes
Details Type #Events CTI Value
Details Domain 2 
homeone.co.kr
Details Domain 2 
waiireme.com
Details Domain 3 
link.download
Details Domain 19 
vnd.ms
Details Domain 3 
link.click
Details Domain 2 
www.ma.mctv.ne.jp
Details Domain 2 
staler.se
Details Domain 2 
nanepashemet.com
Details File 1 
etaxinvoice_476543853.xls
Details File 1 
20190706_983782.xls
Details File 5 
1.xls
Details File 1 
c758935.xls
Details File 1 
i1806201911266473.doc
Details File 1 
37.xls
Details File 269 
msiexec.exe
Details File 1 
c:\programdata\nugets\wsus.exe
Details Url 1 
http://homeone.co.kr/etaxinvoice_476543853.xls
Details Url 1 
http://internet.e
Details Url 2 
http://waiireme.com/20190706_983782.xls
Details Url 1 
http://www.ma.mctv.ne.jp/~blanc/c758935.xls
Details Url 2 
http://staler.se/i1806201911266473.doc
Details Url 2 
http://nanepashemet.com/20.06.2019_781.37.xls