ioc · name

Windows_x64_encrypt.exe

Hive ransomware Windows 64-bit encryptor binary listed as a known IOC in Table 2 of AA22-321A. Hive shipped matching Linux, ESXi and FreeBSD variants and victimized over 1,300 organizations for ~$100M in payments before the FBI infiltrated its network in July 2022.

family: Hive
first seen: Nov 16, 2022
publisher: CISA

source citation