
0apt | RaaS

The group appears unreliable. Most, if not all, of its alleged victims cannot be verified and appear to be randomly selected organizations. WE HAVE DECIDED TO REMOVE ENTRIES FOR THIS GROUP.


Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon 404 - Compromised No 2026-05-13T22:10:03 BaseHTTP 0.6 Python 3.12.3 oaptxiyisljt2kv3we2we34kuudmqda7f2geffoylzpeo7ourhtz4dad.onion

Ransom Notes (1)

Vulnerabilities Exploited (4)
This information is provided by Ransomware-Vulnerability-Matrix
| Vendor | Product | CVE |
|---|---|---|
| Palo Alto Networks | PAN-OS (Edge Firewalls) | CVE-2024-3400 |
| Ivanti | Ivanti ICS | CVE-2025-22457 |
| Ivanti | VPN Appliance | CVE-2024-21887 |
| Oracle | Oracle E-Business Suite (EBS) | CVE-2025-61882 |

TTPs Matrix (6)
This information is provided by Crocodyli & Ransomware.live
| Initial Access | Execution | Persistence | Defense Evasion | Discovery | Exfiltration |
|---|---|---|---|---|---|
| Exploit Public-Facing Application | Native API | Create or Modify System Process: Systemd Service | Debugger Evasion | Network Service Scanning | Exfiltration Over Web Service: Exfiltration to Cloud Storage |

YARA Rules (1)

Indicators of Compromise (IoCs) (4)
Hash MD5 4
Type IOC
Hash MD5 0f7d721e4e5e2ce0a5c629f2fd4ac572
Hash MD5 29144c2f5acd859adf08d42ffcd74f50
Hash MD5 370fbcc6711fb983ae4679f02c5ac461
Hash MD5 fb42dec2c39cd7884ca4cb6b76308f51