MalwareBazaar Database
This page shows some basic information the YARA rule VECT_Ransomware including corresponding malware samples.
Database Entry
| YARA Rule: | VECT_Ransomware |
|---|---|
| Author: | Mustafa Bakhit |
| Description: | Detects activity associated with VECT ransomware. This includes registry modifications and deletions, execution of system and defense-evasion commands, suspicious API usage, mutex creation, file and memory manipulation, ransomware note generation, anti-debugging and anti-analysis techniques, and embedded cryptographic constants (SHA256) characteristic of this malware family. Designed for threat intelligence and malware detection environments. |
| Firstseen: | 2026-03-06 14:48:50 UTC |
| Lastseen: | 2026-03-15 14:02:44 UTC |
| Sightings: | 153 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|