Royal
According to Trendmicro, Royal ransomware was first observed in September 2022, and the threat actors behind it are believed to be seasoned cybercriminals who used to be part of Conti Team One.
Victims
211
First Discovered
2022-11-04
victim
Last Discovered
2023-07-19
victim
Inactive Since
2yrs
more than
Avg Delay
6.5
days
Infostealer
30.3%
victims with domain
Countries
20
hit
Known Locations (2)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Royal | No | 2026-04-28T07:26:17 |
royal2xthig3ou5hd7zsliqagy6yygk2cdelaxtni2fyad6dpmpxedid.onion
|
|||
|
No | 2026-04-28T07:28:50 |
royal4ezp7xrbakkus3oofjw6gszrohpodmdnfbe5e4w3og5sm7vb3qd.onion
|
Target
Top 5 Activity Sectors
- Manufacturing 51
- Business Services 33
- Education 19
- Healthcare 13
- Consumer Services 12
Top 5 Countries
-
United States
24
-
Germany
8
-
United Kingdom
6
-
France
4
-
Canada
4
Heatmap
Ransom Notes (1)
Tools Used
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
AdFind
Advanced IP Scanner
SharpShares
SoftPerfect NetScan
|
AnyDesk
Atera
LogMeIn
MobaXterm
Syncro
|
Eraser
GMER
NSudo
PowerTool
|
Mimikatz
NirSoft Dialupass
NirSoft IEPassView (iepv)
NirSoft MailPassView
NirSoft Netpass
NirSoft RouterPassView
|
Brute Ratel C4
Cobalt Strike
|
Chisel
Cloudflared
OpenSSH
|
PsExec
|
RClone
|
TTPs Matrix (10)
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Discovery | Lateral Movement | Exfiltration | Command and Control | Impact |
|---|---|---|---|---|---|---|---|---|---|
| Phishing: Spearphishing Attachment | Command and Scripting Interpreter: PowerShell | Create or Modify System Process: Windows Service | Domain Accounts | Obfuscated Files or Information: HTML Smuggling | Account Discovery: Local Account | Remote Services: SMB/Windows Admin Shares | Exfiltration Over Web Service: Exfiltration to Cloud Storage | Application Layer Protocol | Data Encrypted for Impact |
| Command and Scripting Interpreter: Windows Command Shell | Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder | Abuse Elevation Control Mechanism: Bypass User Account Control | Process Injection | Account Discovery: Domain Account | Valid Accounts: Domain Accounts | Application Layer Protocol: Web Protocols | |||
| Domain Accounts | Network Share Discovery | Use Alternate Authentication Material: Pass the Hash | |||||||
| Domain Trust Discovery |
YARA Rules (1)
Victims (211)
Braintree Public Schools is an independent public school district which serves the kindergarten thro…
Global Seat System CreatorAt Tachi-S, we help automotive manufacturers launch their cars, trucks and…
PENNCREST School District provides resources and opportunities that challenge students, assess their…
Groupe Sovitrat Interim & Recrutement is a company that operates in the Human Resources industry. It…
B & M Precision, Inc. is capable of producing any part made from stainless steel or similar metals w…
Directviz Solutions (DVS) provides the information technology and services IRM needs to successfully…
Headquartered in Bromsgrove, United Kingdom, The Best Connection is a independent provider of flexib…
AFG Holdings, Inc. is a fully integrated OEM providing differentiated technology, products, and serv…
Haworth Tompkins is a Stirling Prize-winning architectural studio with an international reputation f…
In April 2021 Speciality consortium completed the final stage of the takeover of Grange packing solu…
Dotcom Distribution is a fulfillment and logistics services provider for emerging and established B2…
Trinity Exploration & Production plc, an independent oil company, engages in the exploration, develo…
Agostini Insurance Brokers Limited is the longest standing private sector firm of Insurance Brokers …
“There is still no indication that data from residents, vendors or employees has been leaked,” Dalla…
The Nashua, New Hampshire School District is a city of 88,000 residents with much to offer. Most not…
Parker Drilling is a drilling solutions company that provides support services to the oil and gas in…
Midwest Truck and Auto Parts, Inc. sources and supplies various components to the heavy duty, light …
Southern West Virginia Community and Technical College is a public community college with its main c…
Great Falls College Montana State University is a public community college in Great Falls, Montana. …
Montana State University, located in the city of Bozeman, is an educational institution that offers …
EdisonLearning provides education management solutions, alternative education, personal learning pla…
Encompass was founded in 1999 and headquartered in McDonough, Georgia, a company that manufacturers …
Lake Dallas Independent School District has a vibrant, growing student population, an excellent arra…
MW Components is focused on accelerating the entire process of delivering custom, stock, and standar…
GKS Hydraulik is a company that operates in the Wholesale industry. It employs 11-20 people and has …
Founded in 1951, Swanson Group sells and manufactures wood products and other building products from…
Moon Capital Management is a company that specializes in global investment management solutions. Whi…
Talon Outdoor is the leading global independent Out of Home (OOH) media specialist and technology se…
Services from a single source - since 2003The Einhaus Group GmbH is one of the first to offer its sa…
Stanley Electric US is a manufacturer of motorcycle and automotive lighting equipment for Honda and …
Nature's Path Foods was founded in 1985 in Richmond, Canada. It is a family-run, fiercely independen…
Big Ass Fans is a fans, light and controls manufacturer for different business directions. These guy…
Commercial & Residential ConstructionFounded in 1956, Tom Duffy Company specializes in floor coverin…
Beghelli USA is a provider of emergency lighting products. We have worked with them a little and we …
Kretek International, Inc is a number one importer, marketer, and distributor of specialty tobacco p…
Corizon Health (CMS and PHS in the past) is a private prison healthcare provider with a very interes…
Sunstar Americas is a part of the Sunstar Corporation is famous for its dental products. They lost a…
Toho Tenax America is a US branch of Japanese technology giant Teijin. They are a carbon manufacture…
Steve Silver furniture company provides its costumers with different kinds of residential furniture …
Vending Group company provides vending services (obviously). They are partnering with big names in b…
Benning Construction Company is a construction manager and contractor operating in cinema and grocer…
### Accounting Services ###Armstrong Watson LLP is a limited liability partnership registered in En…
Wymondham College - is a beautiful place for living and studying. They even have some awards for edu…
Helmholtz Zentrum Museum is interested for its top-level scientific achievements in different areas.…
Savannah Technical College provides dynamic education and variable services to its students in many …
The Ultra-met Carbide Technologies is a premium-quality blanks supplier for fabrications. We have st…
MERS Industries are known for their will to help people. We suppose they need to improve their consu…
Founded in 1929, Graceworks Lutheran Services is a lutheran social services organization that operat…
Founded in 1989, Yaskawa Motoman is the Robotics Division of Yaskawa America, Inc. It provides autom…
Sutton & Jacobs, LLP is located at the corner of College and Park streets in downtown Beaumont, Texa…
DGM Industrie is a company that operates in the Mechanical or Industrial Engineering industry. It em…
AAA Energy Service Co. provides services in a multitude of market sectors to a wide variety of clien…
For over 60 years Liberty Lines has been privileged to develop and operate one of the most effective…
Highway Equipment is a rental and leasing company of construction equipment and related parts. The c…
Ferretería EPA is a company that operates in the Environmental Services industry. It employs 2,001-5…
Headquarters: Brunel Close, Northampton, Northamptonshire, NN16 9HU, United KingdomPhone: +44 153651…
Gottschol Alcuilux mit den Unternehmensbereichen Desox-Aluminium, Feinblechbearbeitung und Zerspanun…
Jackson Dean Construction offers a challenging and rewarding work experience to college students and…
HARD Manufacturing, headquartered in Buffalo, NY, designs, manufactures and sells the broadest range…
Materialogic offers services in eCommerce fulfillment, marketing logistics, warehousing and distribu…
Little Mountain Residential Care and Housing Society (the Society) is a non-profit society created i…
At Wellington Power, success is based upon diversified excellence in electrical construction, automa…
Walker SCM, LLC provides Global Supply Chain Services ranging from Transportation (Air and Ocean Fre…
Headquarters: 1 Hauptstraße, Neustetten, Baden-Wuerttemberg, 72149, GermanyPhone Number: +49 7472989…
Thomaston Mills was founded in 1899 by R.E. Hightower and is the oldest domestic sheet mill in the U…
The WorkPlace was originally incorporated as the Private Industry Council of Southern Connecticut on…
Krinos Foods LLC is one of the largest importers and manufacturers of specialty foods in North Ameri…
Schwartz Hautmont is a private Spanish corporation established in 1963 in Tarragona, South of Barcel…
Stone & Sons Electrical Contractors, Inc offers a wide range of electrical services in the Transport…
Dallas School District is centered on students, powered by collaboration, built on equity and driven…
For over four decades, Evans has been the global leader in providing innovative solutions for missio…
Your travel and local community guide to Alex City, Alabama. Explore the Alexander City AL directory…
Education · Arizona, United States · 6,208 EmployeesFounded in 1867, the Tucson Unified School Distr…
Trendsetter is a premier provider of specialized subsea solutions for oil and gas companies across t…
ICS Nett delivers innovative solutions to critical challenges facing the nation and the world. As a …
Messer Cutting Systems is a global supplier of cutting solutions for the metal-working industry. We …
We are moved by what moves people. By what moves the world. In ever-growing cities. We provide bette…
Torre del Greco (Italian pronunciation: Neapolitan: Torre d' 'o Grieco; "Greek man's Tower") is a co…
Travis County Sheriff's Officers Association is a company that operates in the Government industry.…
ServiceMaster is a national company that has been a leader in the cleaning industry for more than 50…
Pillar FabricatorsFabrication Facility, Module Yard & Field Service Center4155-84th AvenueEdmonton, …
At KAZAROSIAN COSTELLO,we combine experience, knowledge and a record of success that is hard to find…
Pure theory - not with us. Internships, laboratory work and a strong focus on application are a matt…
Hills started as a bodyshop with a garage forecourt over 50 years ago. Our operation has grown rapid…
Founded in 1989 and headquartered in Philadelphia, Pennsylvania, Samuels and Son Seafood produces se…
Lek/Habo realiseert al tientallen jaren met succes innovatieve en toonaangevende energie- en install…
Food & Beverage · Illinois, United StatesBevolution Group produces shelf-stable and frozen beverage…
Suzhou Dongshan Precision Manufacturing Co., Ltd. produces and sells critical components for IoT int…
Iowa PBS is Iowa’s statewide public broadcasting network. Iowa PBS provides quality, innovative medi…
Founded in 1932, at Lexington field in North Waterloo, Waterloo Wellington Flight Centre (WWFC) is d…
Inforlandia is a leading European Original Equipment Manufacturer of computer hardware, mobile devic…
HELMA Eigenheimbau AGHeadquarters: 4 Zum Meersefeld, Lehrte, Lower Saxony, 31275, GermanyPhone Numbe…
Grupo Ibiapina Ltda is a company that operates in the Business Supplies and Equipment industry. It e…
Robinson Pharma, Inc. is a full-service contract manufacturer of softgels, tablets, capsules, powder…
Walk through the doors of Fantasy Springs Resort Casino and you’re immediately transported to a worl…
We are the most important company in Mexico that integrates water infrastructure projects, with more…
Founded in 2010, Aegea is one of Brazil’s largest private sanitation companies. In each town it oper…
Rech Informática Ltda is a company that operates in the Staffing and Recruiting industry. It employs…
Pinnacle Communications merged with Justin Hannesson and Pinnacle West LLC to become the company tha…
ZEHNDER'S OF FRANKENMUTH - A FOUR-SEASON FAMILY VACATION DESTINATION - HOTEL, WATERPARK, DINING, SHO…
Mark-Taylor Companies is the leading developer, owner, and investment manager of Arizona's premier r…
The Keenan Agency IncHeadquarters:6805 Avery-muirfield Dr Ste 200, Dublin, Ohio, 43016, United State…
NaultyPennsylvania, United States · 56 Employees Headquarters: 1617 Jfk Blvd Ste 750, Philadelphia, …
Cristal Controls manufactures energy management systems, low voltage lighting control systems, tempe…
At M2S Electronics, we are committed to improving the world around us and doing business the right w…
The Los Angeles Business Journal, established in 1979, is a weekly newspaper and online news source …
Virginia Farm Bureau is the largest non-profit agricultural advocacy organization in Virginia. With …
McAndrews Law Offices Founded in 1983 and headquartered in Berwyn, Pennsylvania, McAndrews Law Fir…
Friedman & BartoumianCalifornia, United States · 43 EmployeesHeadquarters: 30401 Agoura Rd Ste 200, …
Tubular Steel Inc is a company that operates in the Mining & Metals industry. It employs 21-50 peopl…
