Skip to content

Hide Navigation Hide TOC

mrAgent (730cb8cb-3663-424b-b335-ea93533e8106)

MrAgent is a malware tool used to automate ransomware deployment on ESXi hypervisors. It provides remote access to compromised hosts, allowing threat actors to disable security controls and operate mass encryption. MrAgent gathers information on virtual environments and tracks ransomware execution across infected hypervisors.

Cluster A Galaxy A Cluster B Galaxy B Level
Ransomhouse Group (61fe900f-d317-41fb-aed8-7f1052acfc5e) Tidal Groups mrAgent (730cb8cb-3663-424b-b335-ea93533e8106) Tidal Software 1