Gamma Defunct

Ransomware group first observed in 2024. Uses Certify for deployment.
PDF Report Back to Groups
0
Total Victims
2024-05-01
First Seen
2025-10-19
Last Seen
18
Known TTPs
37.4d
Avg Delay
0
Negotiations
ONION URLS
djofwmwzm3w42kzj6rjrpyoqk3cxhyrohbcgyiaktwjprhkw22tokwct.onion
TOOLS
Certify MegaSync
FILE EXTENSIONS
.dark
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded
Technique ID Technique Name Tactic
T1071.001 Web Protocols Command and Control
T1090 Proxy Command and Control
T1003.001 LSASS Memory Credential Access
T1110.001 Password Guessing Credential Access
T1552.001 Credentials In Files Credential Access
T1555.003 Credentials from Web Browsers Credential Access
T1558.003 Kerberoasting Credential Access
T1027 Obfuscated Files or Information Defense Evasion
T1561.001 Disk Wipe Impact
T1189 Drive-by Compromise Initial Access
T1190 Exploit Public-Facing Application Initial Access
T1566.001 Spearphishing Attachment Initial Access
T1021.001 Remote Desktop Protocol Lateral Movement
T1021.004 SSH Lateral Movement
T1543.003 Windows Service Persistence
T1547.009 Shortcut Modification Persistence
T1068 Exploitation for Privilege Escalation Privilege Escalation
T1134 Access Token Manipulation Privilege Escalation

No YARA rules

No IoCs

No ransom notes