Sign In with your
Trend Micro Account
需要協助?
需要協助?

若您需要技術支援,請 按此建立案件。

CLOP Ransomware Information

    • 更新於:
    • 28 Oct 2019
    • 產品/版本:
    • Apex One 2019
    • Deep Discovery Email Inspector 3.5
    • Deep Security 12.0
    • InterScan Messaging Security Suite 9.1
    • OfficeScan XG
    • Worry-Free Business Security Advanced 10.0
    • Worry-Free Business Security Standard 10.0
    • 作業系統:
概要

RANSOM is the Trend Micro detection for most ransomware. Most ransomware are known to restrict the user from fully accessing the system. It also encrypts files and demands a ransom to be paid in order to decrypt or unlock the infected machine.

Ransomware infects computers through various means. Most of ransomware come as a macro or JavaScript attachment in spammed email. Some are delivered as a link, also in spammed email. Others are delivered by exploit kits. Some others are delivered via malvertisements or compromised websites.

To prevent ransomware, users should use protection that also covers against spam and malicious links. Also, make sure to regularly create backup copies of all important files.

This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be unknowingly downloaded by a user while visiting malicious websites. It may arrive using one or multiple arrival methods.

Behaviors

  • Resides in memory
  • Created mutex
  • Created multiple copies of a file
  • Process Termination

Capabilities

  • Backdoor commands

Impact

  • Compromise system security - with backdoor capabilities that can execute malicious commands

Infection Routine

CLOP

詳情
Public

File Reputation

Detection/Policy/RulesPattern Branch/VersionRelease Date
BKDR_CLOP.A5.883.0039910
BKDR_CLOP.WA6.893.0040241
BKDR_CLOP.WC6.875.00February 25, 2010
Ransom.Win32.CLOP.D14.831.00February 22, 2019
Ransom.Win32.CLOP.D14.831.00February 22, 2019
Ransom.Win32.CLOP.F14.847.00March 2, 2019 
Ransom.Win32.CLOP.F.note14.847.00March 2, 2019 
Ransom.Win32.CLOP.M15.275.0043680
Ransom.Win32.CLOP.THBAAAI14.807.00February 11, 2019
Trojan.BAT.CLOP.A14.857.00March 7, 2019 
Trojan.BAT.CLOP.A.component14.831.00February 22, 2019
Trojan.Win32.CLOP.A.note15.275.0043680

Behavior Monitoring

Pattern Branch/VersionRelease Date
180106/29/2018

Predictive Machine Learning

DetectionPattern Branch/Version
TROJ.WIN32.TRX.XXPE50FFF028
TROJ.WIN32.TRX.XXPE50F13006
TROJ.WIN32.TRX.XXPE50FFF029
In-the-cloud

Web Reputation

Detection/Policy/RulesPattern Branch/Version
URL ProtectionIn-the-cloud

Solution Map - What should customers do?

ProductLatest VersionVirus PatternAntispam PatternNetwork PatternBehavior MonitoringPredictive Machine LearningWeb Reputation
Apex One2019Update Pattern via
web console
N/AN/AEnable Behavior Monitoring and
update pattern via
web console
Enable Predictive Machine LearningEnable Web Reputation Service and
update pattern via
web console
OfficeScanXG
Worry-Free Business SecurityStandard (10.0)
Advanced (10.0)
Deep Security12.0Update pattern via
web console
N/A
Deep Discovery Email Inspector3.5Update pattern via
web console
Update pattern via
web console
N/AN/A
InterScan Messaging Security9.1
InterScan Web Security6.5
ScanMail for Exchange14.0
Deep Discovery Inspector5.5N/A

Recommendation

Make sure to always use the latest pattern available to detect the old and new variants of CLOP malware.

Threat Report

Threat Encyclopedia: CLOP (search)

Blogs

Narrowed Sights, Bigger Payoffs: Ransomware in 2019

Premium
Internal
評價:
分類:
Remove a Malware / Virus
解決方案ID:
000151740
評定這個解決方案
本文是否幫助解決您的問題?

感謝您的意見!

請留下您的Email方便進一步的聯繫,協助我們改進文章內容:
我們不會透過以上Email寄送任何可能騷擾您的垃圾信.

本意見調查系統為自動運作,將不會回覆如銷售、技術、產品等一般問題.

若您需要協助,請聯繫對應的技術支援窗口. 聯絡我們


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.