Hands-On Cybersecurity Studies: Hidden Tear Ransomware

Abstract

Ransomware incidents are becoming more common and more costly. This malware causes systems to become inaccessible by locking out access to user files using encryption. The Hidden Tear ransomware source code was released for educational purposes in August 2015, leading to further analyses and a better understanding of how this malware and related virtual threats work. In this report, we describe a hands-on cybersecurity exercise where participants run the Hidden Tear malware and observe its behavior using several tools and techniques. After completing the exercise, participants will have a high-level understanding of the inner workings of this malware, including infection logic, decryption information storage, and network activity.

Document Details

Document Type
Technical Report
Publication Date
May 27, 2021
Accession Number
AD1135405

Entities

People

  • Christopher Uriel
  • Elizabeth Rubio
  • Ivanna Becerra
  • Jaime C. Acosta
  • Jennifer A. Sims

Organizations

  • United States Army Research Laboratory

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Abstracts
  • Algorithms
  • Communications Protocols
  • Computer Program Documentation
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Directories
  • Electronic Mail
  • Geographic Regions
  • Information Science
  • Internet
  • Internet Of Things
  • Malware
  • Military Research
  • Network Protocols
  • Operating Systems
  • PHP Programming Language
  • Programming Languages
  • Virtual Machines

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Military Training and Readiness Simulation

Technology Areas

  • Cyber