General

  • Target

    f24767aa5b3c45b8947b25d353119474c77cdae40ffd71b1d36f1e4403afc6c1

  • Size

    1.7MB

  • Sample

    240806-skjktawdkh

  • MD5

    9ae1266d3813d50a06c168a354883d9a

  • SHA1

    fc3eb5c2c59b7220108da4da65f4ffb29839646f

  • SHA256

    f24767aa5b3c45b8947b25d353119474c77cdae40ffd71b1d36f1e4403afc6c1

  • SHA512

    f60223ac2d31665490b1086aab39884e893eb300ee2eff429fcd200e0fcb5bbc4c04be344268c761ca001a2c6532028d22d87f824d3ef87069037200ac052f98

  • SSDEEP

    49152:CHY/SeA4Z6vaiDu/r0cMsZhMHP/+DNcfcJRhQ0:CQ9fZ1wcMceH+5cP0

Score
10/10

Malware Config

Extracted

Path

/root/HOW_TO_DECRYPT.txt

Family

hive

Ransom Note
Your network has been breached and all data were encrypted. Personal data, financial reports and important documents are ready to disclose. To decrypt all the data and to prevent exfiltrated files to be disclosed at http://hiveleakdbtnp76ulyhi52eag6c6tyc3xw7ez7iqy6wc34gd2nekazyd.onion/
URLs

http://hiveleakdbtnp76ulyhi52eag6c6tyc3xw7ez7iqy6wc34gd2nekazyd.onion/

Targets

    • Target

      f7122a670e8ff23808fff2029ff69bf35930dd14785140f3bbcd491f89876377

    • Size

      2.9MB

    • MD5

      42cefb960328fc1cb4709ea2323c8c9e

    • SHA1

      43fe3bf88cf80a3c5b3a77f2b8d66813b7305477

    • SHA256

      f7122a670e8ff23808fff2029ff69bf35930dd14785140f3bbcd491f89876377

    • SHA512

      0b100b1a16128559b0f5b42e637bf9a8a3c2b0d392ff2170ec5fd899144b147d7f65fcb4a256c9c9e807403b2e6cf948222d3c234de81010be4c795bab0b7b85

    • SSDEEP

      49152:XOvI8AObrb/TivO90dL3BmAFd4A64nsfJ73CAdQMP83g9EC64xJCz15e82Iv4Qb0:GQNDHn28xc0+r

    Score
    10/10
    • Hive

      A ransomware written in Golang first seen in June 2021.

MITRE ATT&CK Enterprise v15

Tasks