diff --git a/conf/maldb.db b/conf/maldb.db
index be35d41..bfc58c4 100644
Binary files a/conf/maldb.db and b/conf/maldb.db differ
diff --git a/malware/Binaries/Ransomware.Hive/Ransomware.Hive.md5 b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.md5
new file mode 100644
index 0000000..893e2be
--- /dev/null
+++ b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.md5
@@ -0,0 +1,8 @@
+MD5 (windows_25bfec0c3c81ab55cf85a57367c14cc6803a03e2e9b4afd72e7bbca9420fe7c5) = DA13022097518D123A91A3958BE326DA
+MD5 (211xahcou.dll) = 0E4D44DDE522C07D09D9E3086CFAE803
+MD5 (zi1ysv64h.dll) = 5384C6825A5707241C11D78529DBBFEE
+MD5 (sjl8j6ap3.dll) = 7692A5DCA7C3C48095AA6DB0DB640D4A
+MD5 (hive_linux_elf) = D3B0102E6632BE81CE158C909F583412
+MD5 (hive.bin_exe) = 2F9FC82898D718F2ABE99C4A6FA79E69
+MD5 (Hive.elf) = 22AE3E19EC54A9D314719158C00986E3
+MD5 (linux_hive.elf) = 56075E7C63B3F9F612CDE6187D4A7877
\ No newline at end of file
diff --git a/malware/Binaries/Ransomware.Hive/Ransomware.Hive.pass b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.pass
new file mode 100644
index 0000000..ba701bf
--- /dev/null
+++ b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.pass
@@ -0,0 +1 @@
+infected
diff --git a/malware/Binaries/Ransomware.Hive/Ransomware.Hive.sha256 b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.sha256
new file mode 100644
index 0000000..b3118d8
--- /dev/null
+++ b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.sha256
@@ -0,0 +1,8 @@
+sha256 (windows_25bfec0c3c81ab55cf85a57367c14cc6803a03e2e9b4afd72e7bbca9420fe7c5) = 25bfec0c3c81ab55cf85a57367c14cc6803a03e2e9b4afd72e7bbca9420fe7c5
+sha256 (211xahcou.dll) = 33aceb3dc0681a56226d4cfce32eee7a431e66f5c746a4d6dc7506a72b317277
+sha256 (zi1ysv64h.dll) = 3858e95bcf18c692f8321e3f8380c39684edb90bb622f37911144950602cea21
+sha256 (sjl8j6ap3.dll) = b6b1ea26464c92c3d25956815c301caf6fa0da9723a2ef847e2bb9cd11563d8b
+sha256 (hive_linux_elf) = bdf3d5f4f1b7c90dfc526340e917da9e188f04238e772049b2a97b4f88f711e3
+sha256 (hive.bin_exe) = 88f7544a29a2ceb175a135d9fa221cbfd3e8c71f32dd6b09399717f85ea9afd1
+sha256 (Hive.elf) = 822d89e7917d41a90f5f65bee75cad31fe13995e43f47ea9ea536862884efc25
+sha256 (linux_hive.elf) = 12389b8af28307fd09fe080fd89802b4e616ed4c961f464f95fdb4b3f0aaf185
\ No newline at end of file
diff --git a/malware/Binaries/Ransomware.Hive/Ransomware.Hive.zip b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.zip
new file mode 100644
index 0000000..b9da1b8
Binary files /dev/null and b/malware/Binaries/Ransomware.Hive/Ransomware.Hive.zip differ