DefrayXDefrayX

Also known as: Hive0091 · DefrayX

Known aliases
2

Profile

DefrayX is a threat actor group known for their RansomExx ransomware operations. They primarily target Linux operating systems, but also release versions for Windows. The group has been active since 2018 and has targeted various sectors, including healthcare and manufacturing. They have also developed other malware strains such as PyXie RAT, Vatet loader, and Defray ransomware.

Aliases· 2

Hive0091DefrayX

References

  1. https://securityaffairs.co/wordpress/138933/malware/ransomexx-ransomware-rust-language.html
  2. https://research.checkpoint.com/2022/28th-november-threat-intelligence-report/
  3. https://securityintelligence.com/posts/ransomexx-upgrades-rust/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Defray (Glushkov)
Software
RansomEXX
Actor
Daixin Team
Software
DXXD
Software
donex
Software
DeroHE
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.