BitPaymer (e7dec940-8701-4c06-9865-5b11c61c046d)
BitPaymer is a ransomware variant first observed in August 2017 targeting hospitals in the U.K. BitPaymer uses a unique encryption key, ransom note, and contact information for each operation. BitPaymer has several indicators suggesting overlap with the Dridex malware and is often delivered via Dridex.[Crowdstrike Indrik November 2018]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Indrik Spider (3c7ad595-1940-40fc-b9ca-3e649c1e5d87) | Tidal Groups | BitPaymer (e7dec940-8701-4c06-9865-5b11c61c046d) | Tidal Software | 1 |