Malware case study
Clop Ransomware
1. The year the malware was released
Clop was released in March 2019.
2. The platform the malware is targeting
Windows XP, Windows 7, Windows 8, Windows 8.1, Windows 10
3. How the malware infects the host/target
Clop ransomware can be introduced into a system through a variety of methods, such as spam email, trojans and hyperlinks, but it most often infects the host through a junk attachment or a download link placed in the body of the email. These unsolicited emails generally appear to come from well-known organisations such as banks and insurance companies. Once it is inside the system, a fake certificate issued to the executable grants the Clop virus elevated privileges, and it launches the clearnetwordns_11-22-33.bat file.
4. What vulnerability the malware exploits
Unprotected Remote Desktop Protocol (RDP) connections
Unfiltered email and junk attachments
5. The impact of the malware on the host
Financial loss, because the ransom has to be paid
Personal data and company data cannot be accessed, because the files are locked and encrypted
6. The steps to remove the malware
First of all, restart your device.
Secondly, press the Settings button.
Select Safe Mode.
Discover programs or files possibly linked to Clop by using a removal tool.
Erase the found files.
Link: https://heimdalsecurity.com/blog/clop-ransomware-overview-operating-mode-prevention-and-removal/
Shlayer
1. The year the malware was released
April 13, 2021
2. The platform the malware is targeting
macOS
3. How the malware infects the host/target
Recent Shlayer malvertising campaigns have gone back to using fake Flash updates and social engineering tactics to trick victims into manually installing the macOS malware and compromising their systems.
4. What vulnerability the malware exploits
Exploits an Apple zero-day vulnerability
5. The impact of the malware on the host
Shlayer adware collects the victim's personal data and tracks browsing activity, which can be used to target additional ads.
6. The steps to remove the malware
Open up the Utilities folder as shown below.
Locate the Activity Monitor icon on the screen and double-click on it.
Under Activity Monitor, find an entry that appears suspicious, select it and click Quit Process.
A dialog should pop up, asking if you are sure you would like to quit the troublemaking process. Select the Force Quit option.
Click the Go button again, but this time select Applications on the list. Find the dubious entry on the interface, right-click on it and select Move to Trash. If a user password is required, go ahead and enter it.
Now go to the Apple Menu and pick the System Preferences option.
Select Accounts and click the Login Items button. The system will come up with the list of the items that launch when the computer is started up. Locate the potentially unwanted object there and click on the “-” button.