[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:09
[ALL_FAMILIES]

Big Head

ransomware2 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
Big Head
CATEGORY:
RANSOMWARE
DESCRIPTION:
Big Head ransomware is a variant that uses a fake Windows Update screen to deceive users while it encrypts files in the background. It is known for its multiple variants and diverse tactics.
ALIASES:
Big Head Ransomware
TAGS:
file_encryptionextortionfake_update

[MUTEX_SIGNATURES](2)

[MUTEX_01]
8bikfjjD4JpkkAqrz
ANALYST: @adhikara13 DATE: 2025-07-12
REFERENCES:
https://www.trendmicro.com/en_us/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html
https://www.tanium.com/blog/attacks-ransomware-payments-spike-in-2023-cyber-threat-intelligence-roundup/
[MUTEX_02]
v6PdkcEldmq3vfupE
ANALYST: @adhikara13 DATE: 2025-01-09
REFERENCES:
https://rayblog.rising.com.cn/2024/07/bighead%E5%8B%92%E7%B4%A2%E8%BD%AF%E4%BB%B6%E5%88%86%E6%9E%90/
https://www.trendmicro.com/en_us/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2023

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:2
THREAT_ACTORS:1
ALIASES:1
TAGS:3
CATEGORY:RANSOMWARE
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]