| Category | Details | References |
|---|---|---|
| Actors | ||
| First Observed | June 2021 | 1 |
| Threat Actors | ||
| Environment | ||
| Platforms | Windows | 2 |
| Artifacts | ||
| Extensions | .key, .hive | 3 |
| Ransomware Notes | How_to_decrypt.txt | 4 |
| Services It Disables | At least 34 | 1 |
| Other Observables | Leaves two .key files in C:\ | 1 |
| Automation | ||
| Automatically Gains Access | No | |
| Automatically Escalates Privileges | No | |
| Requires Human Interaction | Yes | |
| Automatic Exfiltration | No | |
| Automatic Propagation | No |
Please note, this page was last updated at 2023-03-14 20:21.
-
https://www.microsoft.com/security/blog/2022/07/05/hive-ransomware-gets-upgrades-in-rust/ ↩ ↩2 ↩3
-
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-hive ↩
-
https://www.hhs.gov/sites/default/files/hive-ransomware-analyst-note-tlpwhite.pdf ↩
-
https://www.sentinelone.com/labs/hive-attacks-analysis-of-the-human-operated-ransomware-targeting-healthcare/ ↩