ioc[.]one - OSINT Cyber Threat Intelligence Database

Hive ransomware gets upgrades in Rust | Microsoft Security Blog

Tags

country:	South Korea
attack-pattern:	Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	ff967478-53e5-4e9e-98ca-41b2f3847bca
Fingerprint	a770281176558297
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 5, 2022, 9 a.m.
Added to db	Sept. 17, 2024, 6:26 p.m.
Last updated	Nov. 13, 2024, 4:22 p.m.
Headline	Hive ransomware gets upgrades in Rust
Title	Hive ransomware gets upgrades in Rust \| Microsoft Security Blog
Detected Hints/Tags/Attributes	78/2/17

Source URLs

	Redirection	Url
Details	Source	https://www.microsoft.com/en-us/security/blog/2022/07/05/hive-ransomware-gets-upgrades-in-rust/

URL Provider

Details	Provider	Source level domain
Details	microsoft.com	www.microsoft.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	179		www.torproject.org
Details	File	14		trustedinstaller.exe
Details	File	212		winlogon.exe
Details	File	1		c:\ drive: c:\3bcvwj6j.key
Details	File	2		c:\l0zn68cb.key
Details	File	4		myphoto.jpg
Details	File	2		c:\myphoto.jpg
Details	File	3		edbtmp.log
Details	sha256	2		f4a39820dbff47fa1b68f83f575bc98ed33858b02341c5c0464a49be4e6c76d3
Details	sha256	2		6e5d49f604730ef4c05cfe3f64a7790242e71b4ecf1dc5109d32e811acf0b053
Details	sha256	2		88b1d8a85bf9101bc336b01b9af4345ed91d3ec761554d167fe59f73af73f037
Details	sha256	2		33744c420884adf582c46a4b74cbd9c145f2e15a036bb1e557e89d6fd428e724
Details	sha256	2		481dc99903aa270d286f559b17194b1a25deca8a64a5ec4f13a066637900221e
Details	Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development)	11		DEV-0237
Details	Microsoft Threat Actor Naming Taxonomy (Groups in development)	12		Storm-0324
Details	Url	2		http://hive[redacted].onion
Details	Url	63		https://www.torproject.org