MambaCrew Inactive

Ransomware group first observed in 2022. Uses ScreenConnect for deployment.
PDF Report Back to Groups
0
Total Victims
2022-02-01
First Seen
2025-08-05
Last Seen
9
Known TTPs
16.3d
Avg Delay
0
Negotiations
ONION URLS
eagoqfjm57l7yfi6lbotl5ols5zsmukrglijyses2lafig5adfwy22uj.onion
TOOLS
ScreenConnect PowerTool
FILE EXTENSIONS
.enc
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded
Technique ID Technique Name Tactic
T1074.001 Local Data Staging Collection
T1573.002 Asymmetric Cryptography Command and Control
T1110.001 Password Guessing Credential Access
T1083 File and Directory Discovery Discovery
T1135 Network Share Discovery Discovery
T1059.001 PowerShell Execution
T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol Exfiltration
T1486 Data Encrypted for Impact Impact
T1529 System Shutdown/Reboot Impact

No YARA rules

No IoCs

No ransom notes