<<< Hide Navigation Hide TOC >>>

RansomHub (Payload) (a3044fb5-3aae-4590-b589-cc88bf0d1f34)

This object represents the techniques associated with the payload binary used in attacks associated with the RansomHub ransomware-as-a-service ("RaaS") operation. The RansomHub gang is suspected of leaking victim data exfiltrated in attacks by other groups, but researchers have also observed an apparent original ransomware payload linked to the group.^{[BroadcomSW June 5 2024][The Record RansomHub June 3 2024]} This payload displays a high degree of code similarity with Knight ransomware, whose source code was offered for sale in cybercriminal forums in February 2024.^{[BroadcomSW June 5 2024]}

Rows: 4

Loading extensions...

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

---

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Close

?

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Tidal Groups Tidal Software		Clear Tidal Groups Tidal Software	Clear 1
CosmicBeetle (04b73cf2-33f4-4206-be9e-c80c4c9b54e8)	Tidal Groups	RansomHub (Payload) (a3044fb5-3aae-4590-b589-cc88bf0d1f34)	Tidal Software	1
Scattered Spider (3d77fb6c-cfb4-5563-b0be-7aa1ad535337)	Tidal Groups	RansomHub (Payload) (a3044fb5-3aae-4590-b589-cc88bf0d1f34)	Tidal Software	1
RansomHub (Payload) (a3044fb5-3aae-4590-b589-cc88bf0d1f34)	Tidal Software	Indrik Spider (3c7ad595-1940-40fc-b9ca-3e649c1e5d87)	Tidal Groups	1
RansomHub (Payload) (a3044fb5-3aae-4590-b589-cc88bf0d1f34)	Tidal Software	RansomHub Ransomware Actors (94794e7b-8b54-4be8-885a-fd1009425ed5)	Tidal Groups	1