Threat Actor: Malware Researchers | Malware Researchers
Victim: Individuals and businesses
Price: Not specified
Exfiltrated Data Type: Various types of data
Additional Information:
- Ransomware is a type of malware that encrypts valuable data on infected systems.
- Cybercriminals demand exorbitant ransoms for the decryption keys.
- The 38 new variants of ransomware discovered in April pose a significant threat to individuals and businesses.
- Each variant has its own unique characteristics and extensions.
- The extensions of the ransomware variants include .schrodingercat, .kaaa, .uajs – .uazq, .Synapse, .unkno, .four random characters, .datah, .777, .rincrypt, Lock Screen, .L00KUPRU, .CrocodileSmile, .random character string, .XXX555, .HWABAG, .$EBC, .attackfiles, .FBIRAS, .LethalLock, .DumbStackz, .repair, .xDec, .Four random characters, .bgjs – .bgzq, .Duckcryptor, .hunt, .ATCK, .BEAST, .BlackSkull, .HWABAG, .Robaj, .Shadow, .SHINRA3, and .rincrypt3.
In April, cybersecurity experts have identified of 38 new variants of ransomware. These malicious programs, characterized by their insidious nature, pose a significant threat to individuals and businesses alike. With each new variant, cybercriminals are refining their tactics, making detection and mitigation increasingly challenging. Ransomware operates by encrypting valuable data on infected systems, rendering it inaccessible to users. Subsequently, the perpetrators demand exorbitant ransoms for the decryption keys, effectively holding critical information hostage. This nefarious practice not only jeopardizes the integrity of personal and sensitive data but also imposes substantial financial burdens on victims.
- SchrodingerCat
- SHA-256: 446d6a5e6a87c510bd81e0cad36038a52c5314d0645d2442f2800e7fa4234607
- Extensions: .schrodingercat
- Kaaa
- SHA-256: be7fdfefa6dac04e9183e54a76fdca06fb8bf501381ce0d0fe9a227f452a20fc
- Extensions: .kaaa
- Uajs – Uazq
- SHA-256: 3a07ed8818f428a24bc1453db9b716f61bce1ed0961af95407b360f1d98bb650,
- SHA-256: bc992e1fee059a217b523087aec96cc203c0d52aa365a6f0d4226d8d1adb25da
- Extensions: .uajs – .uazq
- Synapse
- SHA-256: 32f02e1e6d9104a070f260bca9ccbccb0add32c0a7f7dca0653dec41c35803d6
- Extensions: .Synapse
- Unkno
- SHA-256: 7821ea21f6bc13ca56688db0ecba77777493664279d0900ed88edf1483b668fa
- Extensions: .unkno
- Farao
- SHA-256: d487a3562cfb46a5992deac8a154f6b84b4b046fb98252e51b9c75310a8e4610
- Extensions: .four random character
- Datah
- SHA-256: 549f3746e39af9678f011fa3f23be8e238e9802696d5e7da6a40b1b7eb2f8346
- Extensions: .datah
- GlobeImposter
- SHA-256: 02ca9600ad4e46cd22022f0b0dd34deb9db8a72ac1c4c1a97bbee15dc8d874a3
- Extensions: .777
- Rincrypt
- SHA-256: 265db2cb4ed90260f5b245d475510d005476eaeb967ab8e8b4959aba92e97e81
- Extensions: .rincrypt
- Charity
- SHA-256: 6e4343e41e68e78d552622b0d3df311d4e44424edef593e69cc238d1cd58f4c5
- Extensions: Lock Screen
- L00KUPRU
- SHA-256: 96386e790bb51a87b917e88a9fdd3194931adb405cd955cf05fdcff3fc24ea9b
- Extensions: .L00KUPRU
- Crocodile Smile
- SHA-256: 88003a5d7e92939d923369ef7d7a9d54230dd8aa1e97760a04df75b89aa62126
- Extensions: .CrocodileSmile
- Pegasus
- SHA-256: b3e9270ffafb2d458a3330e0cdb07523adc849b58aa8da3bde956c77cb8bfbe0
- Extensions: .random character string
- DysentryClub
- SHA-256: 770375f7bce6884c1b5dc9458ae0ee3982b0b7ce9bdf7259c631faf9f9facc22
- Extensions: .XXX555
- HWABAG
- SHA-256: e2636c32991e3e8b061d88daf3e769a6263d9a02ee27eae9a2e78ccf3ef1fec5
- Extensions: .HWABAG
- $EBC
- SHA-256: 328b49c29ce9515767a7e72b5ffb9915973eab3693be9f80309f81dcaeaef85b
- Extensions: .$EBC
- AttackFiles
- SHA-256: 886967d686b71dae455f4a85087abea3871bf039eac19c0adf72e611bf045ea1
- Extensions: .attackfiles
- FBIRAS
- SHA-256: 1d854192e5aac93a950c60e013a8f08283ad81f841dd90da9326198f37c8adda
- Extensions: .FBIRAS
- Lethal Lock
- SHA-256: 570cba42a0db3e4be01e41359ef78104464f21cd0c79ba1d21641f919739fe8d
- Extensions: .LethalLock
- Senator
- SHA-256: d8efd3040d320bea53c8f5f496670137f27a7b12f151829d474165a61a5fb106
- Extensions: .DumbStackz
- DumbStackz
- SHA-256: e2636c32991e3e8b061d88daf3e769a6263d9a02ee27eae9a2e78ccf3ef1fec5
- Extensions: .HWABAG
- Repair
- SHA-256: 2ac4618124a18a2f8d041907ab345dc37ac7e4a2f80ddb71072621b05020c35d
- Extensions: .repair
- xDec
- SHA-256: 16ed08cf0be590a0cf11648f1efee344cb49fdb4df1278a4277976d857823df3
- Extensions: .xDec
- Rincrypt 2.0
- SHA-256: 3bac13b433b453c3db0f70f4e3ce07a2c1108a0892bac358a1d1b38a30e1cd08
- Extensions: .Four random characters
- IRIS
- SHA-256: e32188f9dfa8b7d36a95edc45a56b39311fefd1df28af00a7e56b42e00557321
- Extensions: .Four random characters
- Bgzq – Bgjs
- SHA-256: c4b93b302d810c73be3886dc8aa03c230adb8a5df3611bedfa92995412fe2781,
- SHA-256: 2545f1ee454e96b5c1d06c7a675488615ff98cd1baca629963172b466e57fd31
- Extensions: .bgjs– .bgzq
- Diamond
- SHA-256: ae7582818cfa2a3002e140b007884e01f1495003b95d8d56ab14a875f20aa3a8
- Extensions: .Duckcryptor
- Hunt
- SHA-256: 1597f8e59c1b1d2d4818705af04f7fa0433e16d1f43ffa9a8158b23524de3991
- Extensions: .hunt
- ATCK
- SHA-256: eea54395aa2ff792d0d51ecbad624d74f28f72fcdd3a7610bdf88f8dccb19f2a
- Extensions: .ATCK
- Beast
- SHA-256: 0e2e4d8f60a41616714aa765a70eb27337d9aa6ae2aa9817b824edd7c12a8d02
- Extensions: .BEAST
- BlackSkull
- SHA-256: e43b1ff50819b6a596c62820faaa83d0dfeb533e69090ffe847c5916648c086a
- Extensions: .BlackSkull
- Tuborg
- SHA-256: 0c9aef61f05ff9f72af2fce242d99e7dcc8d708b7e2f2bbaacdcf78928790129
- Extensions: .HWABAG
- Robaj
- SHA-256: 26be8a62ce0fe16a5729c125f95403054a5f077b4845767c2074a12c5585e5e7
- Extensions: .Robaj
- Shadow
- SHA-256: 3b1d975e17ec74b820ffbd792fd067b84444c2b02337a7a401fb434ed5aa0bc9
- Extensions: .Shadow
- SHINRA
- SHA-256: 941a95c85a4b37bff4571d49eb918a5094a032ac1416bded3a3cd3427ecf984c
- Extensions: .SHINRA3
- Rincrypt 3.0
- SHA-256: 81b72f5f7a970eab42a0af1e66628a20e191e9f0d8d4f4e6524eed14bf98087a
- Extensions: .rincrypt3
Original Source: https://dailydarkweb.net/38-new-ransomwares-are-detected-by-malware-researchers-in-april/