Edge - Ransomware Monitor

Total Victims

2018-05-01

First Seen

2022-09-04

Last Seen

Known TTPs

35.0d

Avg Delay

Negotiations

ONION URLS

gt7ubhbggcuorcxzzi5nthx4hfcmq7xa3f4gm5a7sjjamz4egtqc7cx2.onion

TOOLS

SharpDPAPI net.exe

FILE EXTENSIONS

.pwned

ACTIVITY TIMELINE

TOP SECTORS

TOP COUNTRIES

ACTIVITY HEATMAP

Date	Victim Name	Country	Sector	Status
No victims recorded

No TTPs data

No YARA rules

Type	Value	Description
tox	2C1CCBB873B7DD7DEA82EBFA06BE9BB58637C357639705D076EF6DE14A43269F81DFEFED879E	Tox messenger ID observed in Edge attacks
email	help335@onionmail.org	Infrastructure linked to Edge
md5	d65d331e68cccee3d1ae2889143ff45e	Associated with Edge ransomware
tox	9DB0ECBD41C04B7BF40A4D2CA5DFB0FDEFF0C53EED9DEF0BB7D75B09CEBFCAC0ABECBCE2B8A3	Associated with Edge ransomware
email	support520@firemail.cc	Contact email - Edge campaign
btc	bc1qyjgok5ic1qokemxicm8q6i8oej4mfxo4we27yc	Associated with Edge ransomware
btc	bc1qu8636kz6a7k3hvi4u4qxgf9autwhx9cte64v6k	Bitcoin ransom address - Edge campaign
sha256	96d37dc90d9dab68a936e37efd13e00bc73caccc3efd2aab1fee1e24b448df7f	Ransomware binary hash observed in Edge attacks
sha1	104b3f6225e8f2251ea9034189101023db8d337b	Infrastructure linked to Edge
email	decrypt659@tuta.io	Infrastructure linked to Edge
ip	77.163.242.217	C2 server IP - Edge campaign
sha256	ea5d429e6c470e6bd1ea40e2bc062f04a54783fa0d3b68511d9a53420938ef82	Infrastructure linked to Edge
md5	99e840646fc908ab51c7358496baf118	Infrastructure linked to Edge
md5	ed5a333d89521b39cea030d4187a360f	Malware sample hash observed in Edge attacks

No ransom notes

Edge Inactive