hive

General

Target

mayb_hive_18481291930.zip
Size

1.7MB
Sample

240806-sefa7swcjf
MD5

9ae1266d3813d50a06c168a354883d9a
SHA1

fc3eb5c2c59b7220108da4da65f4ffb29839646f
SHA256

f24767aa5b3c45b8947b25d353119474c77cdae40ffd71b1d36f1e4403afc6c1
SHA512

f60223ac2d31665490b1086aab39884e893eb300ee2eff429fcd200e0fcb5bbc4c04be344268c761ca001a2c6532028d22d87f824d3ef87069037200ac052f98
SSDEEP

49152:CHY/SeA4Z6vaiDu/r0cMsZhMHP/+DNcfcJRhQ0:CQ9fZ1wcMceH+5cP0

Score

10^/10

Malware Config

Extracted

Path

/root/HOW_TO_DECRYPT.txt

Family

hive

Ransom Note

Your network has been breached and all data were encrypted. Personal data, financial reports and important documents are ready to disclose. To decrypt all the data and to prevent exfiltrated files to be disclosed at http://hiveleakdbtnp76ulyhi52eag6c6tyc3xw7ez7iqy6wc34gd2nekazyd.onion/

URLs

http://hiveleakdbtnp76ulyhi52eag6c6tyc3xw7ez7iqy6wc34gd2nekazyd.onion/

Targets

- Target
  
  f7122a670e8ff23808fff2029ff69bf35930dd14785140f3bbcd491f89876377
- Size
  
  2.9MB
- MD5
  
  42cefb960328fc1cb4709ea2323c8c9e
- SHA1
  
  43fe3bf88cf80a3c5b3a77f2b8d66813b7305477
- SHA256
  
  f7122a670e8ff23808fff2029ff69bf35930dd14785140f3bbcd491f89876377
- SHA512
  
  0b100b1a16128559b0f5b42e637bf9a8a3c2b0d392ff2170ec5fd899144b147d7f65fcb4a256c9c9e807403b2e6cf948222d3c234de81010be4c795bab0b7b85
- SSDEEP
  
  49152:XOvI8AObrb/TivO90dL3BmAFd4A64nsfJ73CAdQMP83g9EC64xJCz15e82Iv4Qb0:GQNDHn28xc0+r
Score

10^/10

hive ransomware
- Hive
  A ransomware written in Golang first seen in June 2021.
  ransomware hive
behavioral1