Ransomexx
| Active
RansomExx is a ransomware family that targeted multiple companies starting in mid-2020. It shares commonalities with Defray777.
Victims
85
First Discovered
2020-05-14
victim
Last Discovered
2026-04-17
victim
Inactive Since
26
days
Avg Delay
320.8
days
Infostealer
51.6%
victims with domain
Countries
22
hit
Attack Velocity — Last 12 months
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
RansomEXX v2 | Yes | 2026-05-13T20:16:52 | nginx |
rnsm777cdsjrsdlbs4v5qoeppu3px6sb2igmh53jzrx7ipcrbjz5b2ad.onion
|
Target
Top 5 Activity Sectors
- Manufacturing 18
- Technology 11
- Business Services 9
- Public Sector 8
- Healthcare 7
Top 5 Countries
-
United States
11
-
Japan
3
-
Italy
3
-
India
2
-
Saudi Arabia
2
Heatmap
Ransom Notes (5)
Tools Used
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
|
|
|
LaZagne
Mimikatz
ProcDump
|
Cobalt Strike
|
|
BCDEdit
Windows Event Utility (wevtutil)
|
|
YARA Rules (1)
Indicators of Compromise (IoCs) (1)
Email
1
| Type | IOC |
|---|---|
Email
|
cyberarkrules@gmail.com
|
Victims (85)
SOGO Auction - 951MB leaked. SOGO Auction is a prominent Japan-based, specialized auctioneer with ov…
ADDA is SaaS for Residential Community Management. 12 millions residents, visitors and stuff records…
Laboratorios Vargas stands out in the pharmaceutical sector, not just for its longevity but also thr…
Lakeshore Title Agency has closed over $100 million in commercial transactions and over $700 million…
Makesworth Accountants is multi-award-winning accountancy practice of a chartered accountant, tax an…
OstaApp, developed by Brontoo Technology Solutions India Private Limited, is a digital payment platf…
NURSING.com is an all-in-one online platform designed to help nursing students succeed in their stud…
Planet Group International is a multinational corporation specializing in innovative technology solu…
Wagner-Meinert is a company that specializes in industrial refrigeration, food process systems, and …
United Carton Industries Company (UCIC) is a leading packaging solutions provider based in Saudi Ara…
Ruwac Industrial Vacuums is a leading manufacturer of industrial vacuum cleaners and vacuum systems …
Diagnostica Stago is a global leader in the field of in-vitro diagnostics, specializing in hemostasi…
Bombardier Recreational Products (BRP) is a Canadian company that designs, manufactures, distributes…
Consorci Sanitari Integral (CSI) is a healthcare consortium based in Catalonia, Spain Leaked data si…
BULOG, or Badan Urusan Logistik, is the state-owned logistics agency of Indonesia Leaked data size: …
Jacobs Farm / Del Cabo is an organic farming company known for its commitment to sustainable agricul…
Dvision Architecture is a global architecture and design firm known for its innovative approach to a…
Telecommunications Services of Trinidad and Tobago (TSTT) is the primary telecommunications provider…
The Peruvian Ministry of Defense (Ministerio de Defensa del Perú) is the government agency responsib…
Kenya Airways Ltd., more commonly known as Kenya Airways, is the flag carrier airline of Kenya. The …
AlJaber Engineering (JEC) is a leading general contractor based in the State of Qatar.…
Elap (formerly Admilia) offers its expertise and support throughout the implementation of your budge…
tstt.co.tt and bmobile.co.tt. 4293368 customer's lines, ID scans, gitlab projects, db dumps.…
Dalla digitalizzazione del progetto alla realizzazione di prototipi costruttivi: l’attività di DVA s…
Jacobs Farm was founded in 1980 as a small organic family farm dedicated to growing fresh, high qual…
Lo Studio BETTUZZI & PARTNERS - Dottori Commercialisti è stato fondato dal dott. Alvaro Bettuzzi, ne…
REC Silicon is a global leader in silane-based, high-purity silicon materials.…
A Unimed é a maior realidade cooperativista na área da saúde em todo o mundo e também a maior rede d…
El Consorci Sanitari Integral (CSI) és un ens públic de serveis sanitaris i socials que neix l'any 2…
Here are some codes from BRP's repos. atgk.brp.ApprenticeShopAPI, atgk.brp.ApprenticeShopMobileAppBa…
The National Fund for Educational Development (FNDE) is a federal agency under the Ministry of Educa…
In addition to previous leak: employees credentials, if you need netflix, battle.net, paypal or porn…
BRP Inc. is the holding company for Bombardier Recreational Products Inc., operating as BRP, a Canad…
