Jaguar Inactive

Ransomware group first observed in 2020. Uses ScreenConnect for deployment.
PDF Report Back to Groups
0
Total Victims
2020-05-01
First Seen
2024-06-03
Last Seen
0
Known TTPs
15.0d
Avg Delay
0
Negotiations
ONION URLS
a7h2yhmeikfggebtsybxmtn6g6wsqhkian7iz27httqefzvxzjlajy5c.onion
TOOLS
ScreenConnect SharpHound Meterpreter
FILE EXTENSIONS
.hack
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded

No TTPs data

No YARA rules

TypeValueDescriptionCopy
sha256 5077177acd16d8d9152903761a9470cc4e0ef46b96fc259177c29b32a6bbf159 Ransomware binary hash observed in Jaguar attacks
md5 d9c054fd8cac33d57c0404d26ce7febc Infrastructure linked to Jaguar
email help902@airmail.cc Infrastructure linked to Jaguar
sha256 233d8e4a4eef5dd77afe1cf01d2d34c2931037e8d373600c3d667fcec7705b83 Infrastructure linked to Jaguar
ip 164.130.114.58 C2 server IP - Jaguar campaign
sha1 cf53f28b1910fb84d77b983b4967ce97d2f41ee3 Dropper hash - Jaguar campaign
tox FEF25FA1BCCFB95B8B1DABEFD4AE59F0BD7DE63DD132DDAE08B70D5AF5E1DEFA17FCAEE8C5FB Infrastructure linked to Jaguar
md5 b84daff9e14a4a7b4b44ac8168c99c37 Associated with Jaguar ransomware
email help686@keemail.me Associated with Jaguar ransomware
sha1 2a515a14b87e3a2db895c0756c210070e4300ecd Associated with Jaguar ransomware
tox FF8813EAA61ADC7FDD7CE0F2DD46261BEABC46AAD8892BCFAFA1BDB0E4BF8561349A29D9FCB3 Tox messenger ID - Jaguar campaign
btc bc1qvzyigett8uf4gfn49i6igabgbsfy74hm9aa9ew Infrastructure linked to Jaguar
sha256 5eec228b3aeb669a3a24559ce8ea17dba4887f27f3346400abffc02afbd2a80d Associated with Jaguar ransomware

No ransom notes