Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Grief

Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable by its trademark file extension added to encrypted files: .doppeled. It also creates a note file named: ".how2decrypt.txt".

Victims
3
 
First Discovered
2021-05-26
victim
Last Discovered
2021-06-30
victim
Inactive Since
4yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
N/A
victims with domain
Countries
1
hit
View Victims on World Map View Group Statistics
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Grief list No 2026-04-28T07:23:58 griefcameifmv4hfr3auozmovz5yi6m3h3dwbuqw7baomfxoxz4qteid.onion
Target
Top 5 Activity Sectors
  • Education 3
Top 5 Countries
  • US flag United States 3
Heatmap
Ransom Notes (1)
YARA Rules (1)
Victims (3)
Logo
Booneville School District US
Grief
Discovered: 2021-06-30 (4y ago)
No description available
Logo
Lancaster Independent School District US
Grief
Discovered: 2021-06-09 (4y ago)
No description available
Logo
Clover Park School District US
Grief
Discovered: 2021-05-26 (4y ago)
No description available