Hive ransomware analysis study

Posted date 20/12/2021
English

This study focuses on the Hive malicious code, a type of ransomware that is increasingly relevant and linked to different campaigns.

This study contains a detailed technical report, drafted after the analysis of a sample found thanks to the indicators obtained from different sources of information, with the aim of identifying the family to which this malicious code belongs and the action it takes, in order to gather as much information as possible.

This analysis also uses different IOCs and Yara and Sigma rules to help detect samples belonging to this family of malware.

The technical report includes:

  • General characteristics.
  • Infection procedure.
  • Detailed analysis.
  • Updates in the most recent samples.
  • Information about the threat group.