Clop
Cl0p (Clop) is a FIN11 ransomware family active since 2019. Sourced from GOZi. Mass data theft via MOVEit/GoAnywhere vulnerabilities. RSA-1024 + AES + IOCP fast encryption.
Threat Profile
Type: Ransomware
Programming Language: C/C++
C2 Protocol: Email
First Seen: 2019
Targets: Global — Enterprise, Healthcare, Finance
Purpose / Capabilities
- File Encryption
- Data Exfiltration
No C2 servers have been identified for this family yet.
Research Reports (2)
Cl0p Ransomware -- 336KB, Embedded RSA Public Key, IOCP Fast Encryption, CreateMutexA | Critical
Cl0p 336KB. Embedded RSA public key. Fast file encryption with IOCP. CreateMutexA.
Cl0p Ransomware — 50+ Service Kills, Veeam/Acronis/Sophos/McAfee/SQL Destruction List, vssadmin Shadow Delete | Critical
Cl0p ransomware — 50+ enterprise service kill commands, destruction of Veeam/Acronis/Sophos/McAfee/MySQL/MSSQL, vssadmin shadow delete.