Common Information
| Type | Value |
|---|---|
| Value |
Hive0091 |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | DefrayX is a threat actor group known for their RansomExx ransomware operations. They primarily target Linux operating systems, but also release versions for Windows. The group has been active since 2018 and has targeted various sectors, including healthcare and manufacturing. They have also developed other malware strains such as PyXie RAT, Vatet loader, and Defray ransomware. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2022-11-29 | 11 | Anomali Cyber Watch: Caller-ID Spoofing Actors Arrested, Fast-Moving Qakbot Infection Deploys Black Basta Ransomware, New YARA Rules to Detect Cobalt Strike, and More | ||
| Details | Website | 2022-11-25 | 1 | Hackers Rewritten The RansomExx Ransomware in Rust Language | ||
| Details | Website | 2022-11-25 | 0 | Slippery RansomExx Malware Moves to Rust, Evading VirusTotal | ||
| Details | Website | 2022-11-24 | 1 | New RansomExx Ransomware Variant Rewritten in the Rust Programming Language | ||
| Details | Website | 2022-11-23 | 7 | RansomExx Upgrades to Rust | ||
| Details | Website | 2022-11-22 | 2 | RansomExx Upgrades to Rust | ||
| Details | Website | 2020-02-17 | 4 | 28th November– Threat Intelligence Report – Check Point Research |