Ransomexx
RansomExx is a ransomware family that targeted multiple companies starting in mid-2020. It shares commonalities with Defray777.
External information
Victims
83
First Discovered
victim2020-05-14
Last Discovered
victim2025-03-07
Avg Delay
between attack and claim342.1 days
Infostealer
for victim with domain26.1%
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | FQDN | |
|---|---|---|---|---|---|---|
|
RansomEXX v2 | Yes | 2025-06-15 09:01:12 | rnsm777cdsjrsdlbs4v5qoeppu3px6sb2igmh53jzrx7ipcrbjz5b2ad.onion |
Target (Available)
Top 5 Activity Sectors
- Business Services 4
- Technology 4
- Information Technology 3
- Healthcare 3
- Manufacturing 3
Top 5 Countries
-
United States
9
-
Canada
2
-
Brazil
2
-
France
2
-
Italy
2
Heatmap (Available)
Ransom Notes (5)
Tools Used (Available)
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
|
|
|
LaZagne
Mimikatz
ProcDump
|
Cobalt Strike
|
|
BCDEdit
Windows Event Utility (wevtutil)
|
|
Vulnerabilities Exploited (0)
No vulnerabilities exploited available.
TTPs Matrix (0)
No TTPs available.
Negotiation Chats (0)
No negotiation chats available.
YARA Rules (0)
No YARA rules available.
Indicators of Compromise (IoCs) (0)
No IoCs available for this group.
Victims (83)
ADDA (adda.io)
Ransomexx
Discovery Date: 2025-03-07
ADDA is SaaS for Residential Community Management. 12 millions residents, visitors and stuff records...
Grupo Vargas
Ransomexx
Discovery Date: 2025-03-04
Estimated Attack Date: 2024-12-21
Estimated Attack Date: 2024-12-21
Laboratorios Vargas stands out in the pharmaceutical sector, not just for its longevity but also thr...
Lakeshore Title Agency
Ransomexx
Discovery Date: 2025-03-04
Estimated Attack Date: 2025-01-31
Estimated Attack Date: 2025-01-31
Lakeshore Title Agency has closed over $100 million in commercial transactions and over $700 million...
Makesworth Accountants
Ransomexx
Discovery Date: 2025-03-04
Estimated Attack Date: 2025-02-09
Estimated Attack Date: 2025-02-09
Makesworth Accountants is multi-award-winning accountancy practice of a chartered accountant, tax an...
Brontoo Technology Solutions
Ransomexx
Discovery Date: 2024-08-10
OstaApp, developed by Brontoo Technology Solutions India Private Limited, is a digital payment platf...
nursing.com
Ransomexx
Discovery Date: 2024-08-03
NURSING.com is an all-in-one online platform designed to help nursing students succeed in their stud...
Planet Group International
Ransomexx
Discovery Date: 2024-07-26
Planet Group International is a multinational corporation specializing in innovative technology solu...
Wagner-Meinert
Ransomexx
Discovery Date: 2024-07-12
Estimated Attack Date: 2024-07-08
Estimated Attack Date: 2024-07-08
Wagner-Meinert is a company that specializes in industrial refrigeration, food process systems, and ...
United Carton Industries Company
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2021-09-20
Estimated Attack Date: 2021-09-20
United Carton Industries Company (UCIC) is a leading packaging solutions provider based in Saudi Ara...
Ruwac Industrial Vacuums
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2021-12-06
Estimated Attack Date: 2021-12-06
Ruwac Industrial Vacuums is a leading manufacturer of industrial vacuum cleaners and vacuum systems ...
Diagnostica Stago
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2022-03-01
Estimated Attack Date: 2022-03-01
Diagnostica Stago is a global leader in the field of in-vitro diagnostics, specializing in hemostasi...
Bombardier Recreational Products
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2022-08-23
Estimated Attack Date: 2022-08-23
Bombardier Recreational Products (BRP) is a Canadian company that designs, manufactures, distributes...
Consorci Sanitari Integral
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2022-10-11
Estimated Attack Date: 2022-10-11
Consorci Sanitari Integral (CSI) is a healthcare consortium based in Catalonia, Spain Leaked data si...
Badan Urusan Logistik
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2023-02-22
Estimated Attack Date: 2023-02-22
BULOG, or Badan Urusan Logistik, is the state-owned logistics agency of Indonesia Leaked data size: ...
Jacobs Farm / Del Cabo
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2023-06-24
Estimated Attack Date: 2023-06-24
Jacobs Farm / Del Cabo is an organic farming company known for its commitment to sustainable agricul...
DVision Architecture
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2023-07-01
Estimated Attack Date: 2023-07-01
Dvision Architecture is a global architecture and design firm known for its innovative approach to a...
Telecommunications Services of Trinidad and Tobago
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2023-10-27
Estimated Attack Date: 2023-10-27
Telecommunications Services of Trinidad and Tobago (TSTT) is the primary telecommunications provider...
Ministry of Defense of Peru
Ransomexx
Discovery Date: 2024-04-22
Estimated Attack Date: 2024-03-24
Estimated Attack Date: 2024-03-24
The Peruvian Ministry of Defense (Ministerio de Defensa del Perú) is the government agency responsib...
Kenya Airways
Ransomexx
Discovery Date: 2023-12-30
Kenya Airways Ltd., more commonly known as Kenya Airways, is the flag carrier airline of Kenya. The ...
AlJaber Engineering
Ransomexx
Discovery Date: 2023-11-26
AlJaber Engineering (JEC) is a leading general contractor based in the State of Qatar....
Admilla ELAP
Ransomexx
Discovery Date: 2023-11-17
Elap (formerly Admilia) offers its expertise and support throughout the implementation of your budge...
Telecommunications Services of Trinidad and Tobago (tstt.co.tt)
Ransomexx
Discovery Date: 2023-10-27
tstt.co.tt and bmobile.co.tt. 4293368 customer's lines, ID scans, gitlab projects, db dumps....
DVA - DVision Architecture
Ransomexx
Discovery Date: 2023-07-01
Dalla digitalizzazione del progetto alla realizzazione di prototipi costruttivi: l’attività di DVA s...
Jacobs Farm
Ransomexx
Discovery Date: 2023-06-24
Jacobs Farm was founded in 1980 as a small organic family farm dedicated to growing fresh, high qual...
Bettuzzi And Partners
Ransomexx
Discovery Date: 2023-03-02
Lo Studio BETTUZZI & PARTNERS - Dottori Commercialisti è stato fondato dal dott. Alvaro Bettuzzi, ne...
REC Silicon
Ransomexx
Discovery Date: 2022-12-11
REC Silicon is a global leader in silane-based, high-purity silicon materials....
Unimed Belem
Ransomexx
Discovery Date: 2022-10-19
A Unimed é a maior realidade cooperativista na área da saúde em todo o mundo e também a maior rede d...
Consorci Sanitari Integral & Geseme
Ransomexx
Discovery Date: 2022-10-11
El Consorci Sanitari Integral (CSI) és un ens públic de serveis sanitaris i socials que neix l'any 2...
Bombardier Recreational Products (BRP) - SOURCE CODES
Ransomexx
Discovery Date: 2022-10-01
Here are some codes from BRP's repos. atgk.brp.ApprenticeShopAPI, atgk.brp.ApprenticeShopMobileAppBa...
Fundo Nacional de Desenvolvimento da Educação
Ransomexx
Discovery Date: 2022-09-03
The National Fund for Educational Development (FNDE) is a federal agency under the Ministry of Educa...
Bombardier Recreational Products (BRP) - BONUS CONTENT (!!!)
Ransomexx
Discovery Date: 2022-08-24
In addition to previous leak: employees credentials, if you need netflix, battle.net, paypal or porn...
Bombardier Recreational Products (BRP)
Ransomexx
Discovery Date: 2022-08-23
BRP Inc. is the holding company for Bombardier Recreational Products Inc., operating as BRP, a Canad...
Soluzioni Infrastrutturali Telefoniche ed Elettriche S.p.A.
Ransomexx
Discovery Date: 2021-09-09
N/A
Société de transport de Montréal (STM) (public transport agency)
Ransomexx
Discovery Date: 2020-10-19
N/A
