
OSINT - Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone

Medium
Published: Mon Jan 04 2021 (01/04/2021, 00:00:00 UTC)
Source: CIRCL
Vendor/Project: misp-galaxy
Product: ransomware

Description

OSINT - Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone

AI-Powered Analysis

Last updated: 07/02/2025, 07:12:04 UTC

Technical Analysis

Egregor is a ransomware-as-a-service (RaaS) operation that remains an active threat. Its affiliates use a mature set of tactics, techniques, and procedures (TTPs), including Cobalt Strike and Rclone for payload delivery and data exfiltration. Cobalt Strike is a legitimate penetration-testing framework that threat actors routinely abuse to establish command-and-control (C2) channels, move laterally, and deploy ransomware payloads inside compromised networks. Rclone is a command-line program for managing files on cloud storage; attackers use it to exfiltrate stolen data to cloud repositories, which makes the theft harder to trace and contain. Combined with the Egregor encryptor, these tools let attackers both encrypt victim data and threaten to leak it, increasing the pressure on victims to pay. The threat is rated medium severity: impactful, but not necessarily critical. No patches apply, because this is a malware campaign rather than a software vulnerability. The campaign is persistent and has been observed in multiple ransomware incidents, indicating a mature and well-resourced group. The absence of known in-the-wild exploits for specific software vulnerabilities suggests that initial access relies mainly on social engineering, phishing, or weak credentials rather than zero-day vulnerabilities. The record being marked as perpetual OSINT indicates that the group's activity is still being monitored.

Potential Impact

For European organizations, an Egregor infection can be severe. The dual threat of encryption and exfiltration can cause significant operational disruption, financial loss from ransom payments, regulatory penalties under GDPR for data breaches, and reputational damage. Sectors such as finance, healthcare, manufacturing, and government are particularly exposed because they depend on continuous data availability and confidentiality. The use of Cobalt Strike enables deep network penetration, which makes containment and remediation more complex and costly. Exfiltration of sensitive personal or corporate data can also trigger mandatory breach notifications and legal consequences under European data protection law. The medium severity rating reflects the ransomware's capacity for substantial harm while indicating that effective detection and response can prevent the worst outcomes.

Mitigation Recommendations

European organizations should implement targeted mitigations beyond generic ransomware defenses:

1) Deploy endpoint detection and response (EDR) capable of identifying Cobalt Strike beaconing and anomalous Rclone usage.
2) Enforce strict network segmentation to limit the lateral movement that Cobalt Strike enables.
3) Monitor outbound network traffic for unusual cloud storage uploads that may indicate data exfiltration via Rclone.
4) Conduct regular phishing awareness training to reduce the risk of initial compromise.
5) Require multi-factor authentication (MFA) on all remote access and privileged accounts to prevent credential abuse.
6) Maintain offline, immutable backups so recovery does not depend on paying a ransom.
7) Establish incident response playbooks that specifically cover ransomware combined with data exfiltration.
8) Participate in threat intelligence sharing communities to stay current on Egregor TTPs and indicators of compromise.

Together with continuous network and user behavior monitoring, these measures can substantially reduce the likelihood and impact of an Egregor attack.
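The detection points above (Rclone usage, bulk uploads to cloud storage, connections to known indicators) can be expressed as a small rule set. The following is an added example written for this page; it is not code from the MISP record or from the SentinelOne write-up it summarises. The event schema, the cloud-storage host list, the 200 MiB per-window threshold and the sample events are all assumptions made for the example; the IP and hostname indicators come from this page's tables.

```python
"""
Added example: score constructed endpoint and proxy events against three
rules drawn from the mitigation list -- Rclone invoked with a transfer
subcommand and a configured remote, outbound volume to cloud-storage hosts
above a baseline, and connections to the page's network indicators.
Event shape, host list, threshold and sample data are assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Network indicators from this page's IoC tables.
IOC_IPS = {"45.153.242.129", "217.8.117.148", "45.11.19.70", "185.238.0.233", "49.12.104.241"}
IOC_HOSTS = {"egregornews.com", "egregoranrmzapcv.onion", "egregor4u5ipdzhv.onion"}

# Cloud-storage services to baseline (assumption: workstations do not bulk-upload here).
CLOUD_STORAGE_SUFFIXES = ("mega.nz", "mega.co.nz", "dropboxapi.com", "s3.amazonaws.com", "storage.googleapis.com")
UPLOAD_THRESHOLD_BYTES = 200 * 1024 * 1024   # per (endpoint, destination) per window; assumption
RCLONE_SUBCOMMANDS = {"copy", "sync", "move", "copyto", "moveto"}


@dataclass
class Event:
    kind: str                 # "process" or "net"
    endpoint: str
    user: str = ""
    image: str = ""           # full image path for process events
    cmdline: str = ""
    dst_ip: str = ""
    dst_host: str = ""
    bytes_out: int = 0


@dataclass(frozen=True)
class Finding:
    rule: str
    endpoint: str
    detail: str


def is_cloud_storage(hostname: str) -> bool:
    h = hostname.lower()
    return any(h == s or h.endswith("." + s) for s in CLOUD_STORAGE_SUFFIXES)


def rule_rclone_exec(ev: Event) -> Optional[Finding]:
    """Rclone (by image name) run with a transfer subcommand and a remote:path target."""
    if ev.kind != "process":
        return None
    basename = ev.image.replace("\\", "/").rsplit("/", 1)[-1].lower()
    tokens = ev.cmdline.split()
    if basename not in ("rclone", "rclone.exe") or len(tokens) < 2:
        return None
    subcmd = tokens[1].lower()
    # A remote target looks like "name:path"; skip drive letters ("C:\...") and URLs.
    remote = next((t for t in tokens[2:]
                   if t.find(":") > 1 and not t.startswith(("http", "-"))), None)
    if subcmd in RCLONE_SUBCOMMANDS and remote:
        return Finding("rclone_transfer", ev.endpoint, f"{ev.user} ran {basename} {subcmd} -> {remote}")
    return None


def rule_ioc_network(ev: Event) -> Optional[Finding]:
    """Any connection to an IP or hostname from the indicator tables."""
    if ev.kind != "net":
        return None
    if ev.dst_ip in IOC_IPS or ev.dst_host.lower() in IOC_HOSTS:
        return Finding("ioc_network_match", ev.endpoint, f"connection to {ev.dst_host or ev.dst_ip}")
    return None


def rule_cloud_bulk_upload(events: List[Event]) -> List[Finding]:
    """Sum outbound bytes per (endpoint, cloud host) and flag totals above the baseline."""
    totals: Dict[Tuple[str, str], int] = defaultdict(int)
    for ev in events:
        if ev.kind == "net" and is_cloud_storage(ev.dst_host):
            totals[(ev.endpoint, ev.dst_host.lower())] += ev.bytes_out
    return [Finding("cloud_bulk_upload", ep, f"{total // (1024 * 1024)} MiB sent to {host}")
            for (ep, host), total in totals.items() if total > UPLOAD_THRESHOLD_BYTES]


def run_rules(events: List[Event]) -> List[Finding]:
    findings: List[Finding] = []
    for ev in events:
        for rule in (rule_rclone_exec, rule_ioc_network):
            hit = rule(ev)
            if hit:
                findings.append(hit)
    findings.extend(rule_cloud_bulk_upload(events))
    return findings


MIB = 1024 * 1024
# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    Event("process", "WS-017", user="a.smith", image=r"C:\Windows\System32\notepad.exe",
          cmdline="notepad.exe report.txt"),
    Event("net", "WS-017", dst_host="www.example.org", bytes_out=12_000),
    Event("process", "WS-042", user="j.doe", image=r"C:\Users\j.doe\AppData\Local\Temp\rclone.exe",
          cmdline=r"rclone.exe copy C:\Finance mega:backup -P --transfers 8"),
    Event("net", "WS-042", dst_host="upload.mega.nz", bytes_out=150 * MIB),
    Event("net", "WS-042", dst_host="upload.mega.nz", bytes_out=120 * MIB),
    Event("net", "WS-042", dst_ip="185.238.0.233", bytes_out=2_048),
]

if __name__ == "__main__":
    for f in run_rules(SAMPLE_EVENTS):
        print(f"[{f.rule}] {f.endpoint}: {f.detail}")
```

On the sample data all three rules fire for the same endpoint, which is the correlation a responder wants: a tool execution, a volume anomaly and an indicator hit on one host within one window carry far more weight than any of them alone. The image-name check is deliberately simple; in production the EDR's file hash or signer is a more robust anchor than the basename.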


Technical Details

Threat Level: 2
Analysis: 2
UUID: f42c106c-df01-47f3-bc36-16072ad63856
Original Timestamp: 1609779788

Indicators of Compromise

IP

Value  Description
45.153.242.129
217.8.117.148
45.11.19.70
185.238.0.233

File

Value  Description
49.12.104.241  On port 81

Hash

Value  Description
81  On port 81
8483aaf9e1fa5b46486c9f2a14c688c30d2006e88de65d0295a57892de0bf4c9
3fd510a3b2e0b0802d57cd5b1cac1e61797d50a08b87d9b5243becd9e2f7073f
2b3518937fd231560c7dc4f5af672a033b1c810d7f2f82c8151c025ce75775bf
444a6897058fd4965770167b15a2ab13e6fd559a3e6f6cf5565d4d3282587459
c3c50adcc0a5cd2b39677f17fb5f2efca52cc4e47ccd2cdbbf38815d426be9e1
004a2dc3ec7b98fa7fe6ae9c23a8b051ec30bcfcd2bc387c440c07ff5180fe9a
608b5bf065f25cd1c6ac145e3bcdf0b1b6dc742a08e59ec0ce136fe5142774e9
3e5a6834cf6192a987ca9b0b4c8cb9202660e399ebe387af8c7407b12ae2da63
4ea8b8c37cfb02ccdba95fe91c12fb68a2b7174fdcbee7ddaadded8ceb0fdf97
9017c070ad6ac9ac52e361286b3ff24a315f721f488b53b7aaf6ac35de477f44
ee06c557f1acd5c4948b1df0413e49f3885f8ac96185a9d986b91a1231444541
765327e1dc0888c69c92203d90037c5154db9787f54d3fc8f1097830be8c76ab
14e547bebaa738b8605ba4182c4379317d121e268f846c0ed3da171375e65fe4
3fc382ae51ceca3ad6ef5880cdd2d89ef508f368911d3cd41c71a54453004c55
f0adfd3f89c9268953f93bfdfefb84432532a1e30542fee7bddda14dcb69a76c
a9d483c0f021b72a94324562068d8164f8cce0aa8f779faea304669390775436
3aad14d200887119f316be71d71aec11735dd3698a4fcaa50902fce71bdccb07
6ad7b3e0873c9ff122c32006fdc3675706a03c4778287085a020d839b74cd780
932778732711cd18d5c4aabc507a65180bf1d4bd2b7d2d4e5506be4b8193596e
6f600974c45eec97016c1259e769a4ef
56eed20ea731d28d621723130518ac00bf50170d
9017c070ad6ac9ac52e361286b3ff24a315f721f488b53b7aaf6ac35de477f44
666f8d920f85f9afffcf0865a98efe69
50c3b800294f7ee4bde577d99f2118fc1c4ba3b9
a9d483c0f021b72a94324562068d8164f8cce0aa8f779faea304669390775436
44a7085f729b68073b5c67bbc66829cc
3c03a1c61932bec2b276600ea52bd2803285ec62
8483aaf9e1fa5b46486c9f2a14c688c30d2006e88de65d0295a57892de0bf4c9
0de24cec66ef9d1042be7cf12b87cfc4
f7bf7cea89c6205d78fa42d735d81c1e5c183041
765327e1dc0888c69c92203d90037c5154db9787f54d3fc8f1097830be8c76ab
de3110dce011088cd4add1950a49182f
c9da06e3dbf406aec50bc145cba1a50b26db853a
608b5bf065f25cd1c6ac145e3bcdf0b1b6dc742a08e59ec0ce136fe5142774e9
8ba3a9d73903bd252f8d99a682d60858
95aea6b24ed28c6ad13ec8d7a6f62652b039765e
444a6897058fd4965770167b15a2ab13e6fd559a3e6f6cf5565d4d3282587459
81bc3a2409991325c6e71a06f6b7b881
38c88de0ece0451b0665f3616c02c2bad77a92a2
2b3518937fd231560c7dc4f5af672a033b1c810d7f2f82c8151c025ce75775bf
65c320bc5258d8fa86aa9ffd876291d3
f0215aac7be36a5fedeea51d34d8f8da2e98bf1b
3fd510a3b2e0b0802d57cd5b1cac1e61797d50a08b87d9b5243becd9e2f7073f
ac33fea4c2a9bbca3559142838441f84
948ef8caef5c1254be551cab8a64c687ea0faf84
932778732711cd18d5c4aabc507a65180bf1d4bd2b7d2d4e5506be4b8193596e
dd8e8bfb45fcd5f0621fe7085bfcab94
5c99dc80ca69ce0f2d9b4f790ec1b57dba7153c9
3aad14d200887119f316be71d71aec11735dd3698a4fcaa50902fce71bdccb07
427105821263afeeccca05b43ea8dac4
fa33fd577f5eb4813bc69dce891361871cda860c
ee06c557f1acd5c4948b1df0413e49f3885f8ac96185a9d986b91a1231444541
d1aa0f26f557addd45e0d9fa4afecf15
f1603f1ddf52391b16ee9e73e68f5dd405ab06b0
14e547bebaa738b8605ba4182c4379317d121e268f846c0ed3da171375e65fe4
a922987d1488e2dede7e39a99faf98bb
beb48c2a7ff957d467d9199c954b89f8411d3ca8
6ad7b3e0873c9ff122c32006fdc3675706a03c4778287085a020d839b74cd780
5f9fcbdf7ad86583eb2bbcaa5741d88a
03cdec4a0a63a016d0767650cdaf1d4d24669795
004a2dc3ec7b98fa7fe6ae9c23a8b051ec30bcfcd2bc387c440c07ff5180fe9a
9b7ccaa2ae6a5b96e3110ebcbc4311f6
3cc616d959eb2fe59642102f0565c0e55ee67dbc
c3c50adcc0a5cd2b39677f17fb5f2efca52cc4e47ccd2cdbbf38815d426be9e1
1d6aa29e98d3f54b8c891929c34eb426
ceca1a691c736632b3e98f2ed5b028d33c0f3c64
3e5a6834cf6192a987ca9b0b4c8cb9202660e399ebe387af8c7407b12ae2da63
c3c7a97da396085eb48953e638c3c9c6
8768cf56e12a81d838e270dca9b82d30c35d026e
3fc382ae51ceca3ad6ef5880cdd2d89ef508f368911d3cd41c71a54453004c55
c96df334b5ed70473ec6a58a545208b6
f6ad7b0a1d93b7a70e286b87f423119daa4ea4df
4ea8b8c37cfb02ccdba95fe91c12fb68a2b7174fdcbee7ddaadded8ceb0fdf97
7375083934dd17f0532da3bd6770ab25
ac6d919b313bbb18624d26745121fca3e4ae0fd3
f0adfd3f89c9268953f93bfdfefb84432532a1e30542fee7bddda14dcb69a76c

URL

Value  Description
http://185.238.0.233/p.dll
http://185.238.0.233/b.dll
http://185.238.0.233/sed.dll
http://185.238.0.233/hnt.dll
http://185.238.0.233/88/k057.exe
http://185.238.0.233/newsvc.zip
http://egregoranrmzapcv.onion
https://egregornews.com/
http://egregor4u5ipdzhv.onion/  Payment Portal

Link

Value  Description
https://labs.sentinelone.com/egregor-raas-continues-the-chaos-with-cobalt-strike-and-rclone/
https://www.virustotal.com/gui/file/9017c070ad6ac9ac52e361286b3ff24a315f721f488b53b7aaf6ac35de477f44/detection/f-9017c070ad6ac9ac52e361286b3ff24a315f721f488b53b7aaf6ac35de477f44-1607607889
https://www.virustotal.com/gui/file/a9d483c0f021b72a94324562068d8164f8cce0aa8f779faea304669390775436/detection/f-a9d483c0f021b72a94324562068d8164f8cce0aa8f779faea304669390775436-1609464195
https://www.virustotal.com/gui/file/8483aaf9e1fa5b46486c9f2a14c688c30d2006e88de65d0295a57892de0bf4c9/detection/f-8483aaf9e1fa5b46486c9f2a14c688c30d2006e88de65d0295a57892de0bf4c9-1608093399
https://www.virustotal.com/gui/file/765327e1dc0888c69c92203d90037c5154db9787f54d3fc8f1097830be8c76ab/detection/f-765327e1dc0888c69c92203d90037c5154db9787f54d3fc8f1097830be8c76ab-1609346253
https://www.virustotal.com/gui/file/608b5bf065f25cd1c6ac145e3bcdf0b1b6dc742a08e59ec0ce136fe5142774e9/detection/f-608b5bf065f25cd1c6ac145e3bcdf0b1b6dc742a08e59ec0ce136fe5142774e9-1608573561
https://www.virustotal.com/gui/file/444a6897058fd4965770167b15a2ab13e6fd559a3e6f6cf5565d4d3282587459/detection/f-444a6897058fd4965770167b15a2ab13e6fd559a3e6f6cf5565d4d3282587459-1608285143
https://www.virustotal.com/gui/file/2b3518937fd231560c7dc4f5af672a033b1c810d7f2f82c8151c025ce75775bf/detection/f-2b3518937fd231560c7dc4f5af672a033b1c810d7f2f82c8151c025ce75775bf-1607457856
https://www.virustotal.com/gui/file/3fd510a3b2e0b0802d57cd5b1cac1e61797d50a08b87d9b5243becd9e2f7073f/detection/f-3fd510a3b2e0b0802d57cd5b1cac1e61797d50a08b87d9b5243becd9e2f7073f-1609359005
https://www.virustotal.com/gui/file/932778732711cd18d5c4aabc507a65180bf1d4bd2b7d2d4e5506be4b8193596e/detection/f-932778732711cd18d5c4aabc507a65180bf1d4bd2b7d2d4e5506be4b8193596e-1607945507
https://www.virustotal.com/gui/file/3aad14d200887119f316be71d71aec11735dd3698a4fcaa50902fce71bdccb07/detection/f-3aad14d200887119f316be71d71aec11735dd3698a4fcaa50902fce71bdccb07-1607458180
https://www.virustotal.com/gui/file/ee06c557f1acd5c4948b1df0413e49f3885f8ac96185a9d986b91a1231444541/detection/f-ee06c557f1acd5c4948b1df0413e49f3885f8ac96185a9d986b91a1231444541-1607652091
https://www.virustotal.com/gui/file/14e547bebaa738b8605ba4182c4379317d121e268f846c0ed3da171375e65fe4/detection/f-14e547bebaa738b8605ba4182c4379317d121e268f846c0ed3da171375e65fe4-1607607489
https://www.virustotal.com/gui/file/6ad7b3e0873c9ff122c32006fdc3675706a03c4778287085a020d839b74cd780/detection/f-6ad7b3e0873c9ff122c32006fdc3675706a03c4778287085a020d839b74cd780-1607458285
https://www.virustotal.com/gui/file/004a2dc3ec7b98fa7fe6ae9c23a8b051ec30bcfcd2bc387c440c07ff5180fe9a/detection/f-004a2dc3ec7b98fa7fe6ae9c23a8b051ec30bcfcd2bc387c440c07ff5180fe9a-1607670660
https://www.virustotal.com/gui/file/c3c50adcc0a5cd2b39677f17fb5f2efca52cc4e47ccd2cdbbf38815d426be9e1/detection/f-c3c50adcc0a5cd2b39677f17fb5f2efca52cc4e47ccd2cdbbf38815d426be9e1-1607457616
https://www.virustotal.com/gui/file/3e5a6834cf6192a987ca9b0b4c8cb9202660e399ebe387af8c7407b12ae2da63/detection/f-3e5a6834cf6192a987ca9b0b4c8cb9202660e399ebe387af8c7407b12ae2da63-1607607624
https://www.virustotal.com/gui/file/3fc382ae51ceca3ad6ef5880cdd2d89ef508f368911d3cd41c71a54453004c55/detection/f-3fc382ae51ceca3ad6ef5880cdd2d89ef508f368911d3cd41c71a54453004c55-1609768843
https://www.virustotal.com/gui/file/4ea8b8c37cfb02ccdba95fe91c12fb68a2b7174fdcbee7ddaadded8ceb0fdf97/detection/f-4ea8b8c37cfb02ccdba95fe91c12fb68a2b7174fdcbee7ddaadded8ceb0fdf97-1608940897
https://www.virustotal.com/gui/file/f0adfd3f89c9268953f93bfdfefb84432532a1e30542fee7bddda14dcb69a76c/detection/f-f0adfd3f89c9268953f93bfdfefb84432532a1e30542fee7bddda14dcb69a76c-1609207425

Datetime

Value  Description
2020-12-10T13:44:49+00:00
2021-01-01T01:23:15+00:00
2020-12-16T04:36:39+00:00
2020-12-30T16:37:33+00:00
2020-12-21T17:59:21+00:00
2020-12-18T09:52:23+00:00
2020-12-08T20:04:16+00:00
2020-12-30T20:10:05+00:00
2020-12-14T11:31:47+00:00
2020-12-08T20:09:40+00:00
2020-12-11T02:01:31+00:00
2020-12-10T13:38:09+00:00
2020-12-08T20:11:25+00:00
2020-12-11T07:11:00+00:00
2020-12-08T20:00:16+00:00
2020-12-10T13:40:24+00:00
2021-01-04T14:00:43+00:00
2020-12-26T00:01:37+00:00
2020-12-29T02:03:45+00:00

Text

Value  Description
59/70
54/70
54/69
55/70
0/59
14/60
60/68
58/69
57/69
55/70
56/69
57/70
57/67
58/68
59/70
55/70
58/70
54/69
25/60
RSA
malware-extraction
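The attribute listing above is a flattened export: each row is the attribute type fused to its value, and a free-text comment, where present, follows on the next line. Before such a feed is loaded into a blocklist it needs normalising and validating, because this record mixes MD5, SHA-1 and SHA-256 values and also carries a malformed "hash" attribute whose value is just "81" (the "On port 81" comment shows it was meant as a port). The parser below is an added example written for this page, not code from MISP or from the referenced write-up; the sample feed is a short excerpt copied from the tables above, and the prefix list and record shape are assumptions about this particular export format.

```python
"""
Added example: normalise a flattened MISP-style attribute listing
("hash<value>", "ip<value>", comment on the following line), classify hashes
by length, reject malformed ones and de-duplicate. Prefix list and record
shape are assumptions about this export format; the sample feed is an
excerpt of the page's own tables.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional

# Attribute type prefixes seen in this export; none is a prefix of another.
TYPE_PREFIXES = ("datetime", "hash", "file", "link", "text", "url", "ip")
HASH_KINDS = {32: "md5", 40: "sha1", 64: "sha256"}


@dataclass(frozen=True)
class Indicator:
    ioc_type: str        # "ip", "url", "md5", "sha1", "sha256", ... or "hash" if unclassifiable
    value: str
    comment: str = ""
    valid: bool = True


def classify_hash(value: str) -> Optional[str]:
    """Return md5/sha1/sha256 for a well-formed hex digest, else None."""
    v = value.lower()
    if v and all(c in "0123456789abcdef" for c in v):
        return HASH_KINDS.get(len(v))
    return None


def parse_feed(lines: List[str]) -> List[Indicator]:
    records: List[Indicator] = []
    for raw in lines:
        line = raw.strip()
        if not line or line == "ValueDescriptionCopy":   # table header residue
            continue
        prefix = next((p for p in TYPE_PREFIXES if line.startswith(p)), None)
        if prefix is None:
            # No type prefix: this is the comment for the preceding attribute.
            if records:
                last = records[-1]
                records[-1] = Indicator(last.ioc_type, last.value, line, last.valid)
            continue
        value = line[len(prefix):]
        if prefix == "hash":
            kind = classify_hash(value)
            records.append(Indicator(kind or "hash", value.lower(), valid=kind is not None))
        else:
            records.append(Indicator(prefix, value))
    return records


def dedupe(records: List[Indicator]) -> List[Indicator]:
    """Keep the first occurrence of each (type, value); the export repeats SHA-256s."""
    seen = set()
    out: List[Indicator] = []
    for r in records:
        key = (r.ioc_type, r.value)
        if key not in seen:
            seen.add(key)
            out.append(r)
    return out


def summarize(records: List[Indicator]) -> Dict[str, int]:
    counts: Dict[str, int] = {}
    for r in records:
        label = r.ioc_type if r.valid else "malformed"
        counts[label] = counts.get(label, 0) + 1
    return counts


# Excerpt of this page's tables, in the flattened form they appear in above.
SAMPLE_FEED = [
    "ValueDescriptionCopy",
    "ip185.238.0.233",
    "hash81",
    "On port 81",
    "hash8483aaf9e1fa5b46486c9f2a14c688c30d2006e88de65d0295a57892de0bf4c9",
    "hash6f600974c45eec97016c1259e769a4ef",
    "hash56eed20ea731d28d621723130518ac00bf50170d",
    "hash9017c070ad6ac9ac52e361286b3ff24a315f721f488b53b7aaf6ac35de477f44",
    "hash8483aaf9e1fa5b46486c9f2a14c688c30d2006e88de65d0295a57892de0bf4c9",
    "urlhttp://egregor4u5ipdzhv.onion/",
    "Payment Portal",
]

if __name__ == "__main__":
    clean = dedupe(parse_feed(SAMPLE_FEED))
    print(summarize(clean))
    for r in clean:
        if not r.valid:
            print("dropped malformed:", r.value, "|", r.comment)
```

Routing by digest length matters operationally: an MD5 pushed into a SHA-256 match list never fires, and a value like "81" pushed into any list is at best noise. Keeping the comment attached to the malformed record preserves the analyst's intent (a port number) for manual review instead of silently discarding it.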

Threat ID: 682acdbebbaf20d303f0e5b0

Added to database: 5/19/2025, 6:20:46 AM

Last enriched: 7/2/2025, 7:12:04 AM

Last updated: 8/12/2025, 12:51:31 AM
