Clop, CIop, CIop2
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | d96b8e67-3a60-48b6-a5d7-0e23b18faa66 |
| Fingerprint | b6555b764a7e18ab |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 8, 2019, 9:58 a.m. |
| Added to db | Jan. 18, 2023, 7:55 p.m. |
| Last updated | Nov. 17, 2024, 5:54 p.m. |
| Headline | Шифровальщики-вымогатели The Digest "Crypto-Ransomware" |
| Title | Clop, CIop, CIop2 |
| Detected Hints/Tags/Attributes | 44/1/41 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://id-ransomware.blogspot.com/2019/02/clop-ransomware.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 167 | tutanota.com |
|
| Details | Domain | 4 | santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion |
|
| Details | Domain | 1 | santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion.ly |
|
| Details | Domain | 911 | any.run |
|
| Details | Domain | 6 | eqaltech.su |
|
| Details | Domain | 6 | royalmail.su |
|
| Details | Domain | 5 | goldenbay.su |
|
| Details | Domain | 5 | graylegion.su |
|
| Details | Domain | 1 | qraylegion.su |
|
| Details | Domain | 1 | instasoftwaresolution.com |
|
| Details | Domain | 2 | support-box.com |
|
| Details | Domain | 1 | support-iron.com |
|
| Details | Domain | 4 | ekbgzchl6x2ias37.onion |
|
| Details | Domain | 1 | cvfzmngbtwzywfnryt45zro4ocpze7cqdtzj2n6jz7eucpdglsulcsid.onion |
|
| Details | 4 | servicedigilogos@protonmail.com |
||
| Details | 4 | managersmaers@tutanota.com |
||
| Details | 1 | antnony.blackmer@protonmail.com |
||
| Details | 6 | unlock@eqaltech.su |
||
| Details | 2 | icarsole@protonmail.com |
||
| Details | 6 | unlock@royalmail.su |
||
| Details | 4 | kensgilbomet@protonmail.com |
||
| Details | 1 | cersiacsofal@protonmail.com |
||
| Details | 5 | unlock@goldenbay.su |
||
| Details | 5 | unlock@graylegion.su |
||
| Details | 1 | unlock@qraylegion.su |
||
| Details | 1 | collyhuwkmac@tutanota.com |
||
| Details | 1 | unlockf@graylegion.su |
||
| Details | 1 | unlockf@goldenbay.su |
||
| Details | 1 | tyrkinovusr@tutanota.com |
||
| Details | 1 | vutukuri@instasoftwaresolution.com |
||
| Details | 1 | dinoriuss1973@tutanota.com |
||
| Details | 2 | unlock@support-box.com |
||
| Details | 1 | unlock@support-iron.com |
||
| Details | 1 | brendondors1983@tutanota.com |
||
| Details | File | 1 | clop.exe |
|
| Details | File | 9 | clopreadme.txt |
|
| Details | File | 3 | ciopreadme.txt |
|
| Details | File | 14 | instructions.txt |
|
| Details | File | 2 | cl0preadme.txt |
|
| Details | Url | 1 | http://cvfzmngbtwzywfnryt45zro4ocpze7cqdtzj2n6jz7eucpdglsulcsid.onion |