add: Hive ransomware

linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/analysis/analysis.yaml

@@ -0,0 +1,14 @@
+analysis:
+  duration_sec: 60
+  timestamp: '2024-07-01T14:50:58.272982+00:00'
+kunai:
+  args:
+  - --include=all
+  - --send-data-min-len=0
+  version: kunai 0.2.4
+sample:
+  args: []
+system:
+  kernel: 5.10.0-30-cloud-amd64
+  uname: 'Linux kunai-sandbox 5.10.0-30-cloud-amd64 #1 SMP Debian 5.10.218-1 (2024-06-01)
+    x86_64 GNU/Linux'

linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/analysis/kunai.stderr

@@ -0,0 +1,2 @@
+[2024-06-17T10:05:51Z WARN  kunai] syscalls_sys_exit_execve probe is not compatible with current kernel: min=KernelVersion::MIN max=5.9.0 current=5.10.0
+[2024-06-17T10:05:52Z WARN  kunai] syscalls_sys_exit_execveat probe is not compatible with current kernel: min=KernelVersion::MIN max=5.9.0 current=5.10.0

linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/analysis/sample.stderr

@@ -0,0 +1,16 @@
+10:05:58 Exporting key
+10:05:59 +export /Nt3m9vLRLxbSnXg30P9ycMyiGAd777sb7a4yK5fOA4L_.key.ndjmu
+10:05:59 Removing itself
+10:05:59 Killing non root processes
+10:05:59 +kill 516
+10:05:59 +kill 528
+10:05:59 +kill 530
+10:05:59 +kill 1023
+10:05:59 +kill 1024
+10:05:59 +kill 1034
+10:05:59 +kill 1035
+10:05:59 +kill 1052
+10:05:59 +kill 1053
+10:05:59 +kill 1109
+10:05:59 +kill 1110
+Connection to localhost closed by remote host.