ParadoxCrew Active
Ransomware group first observed in 2019. Uses Process Hacker for deployment.1
Total Victims
2019-02-01
First Seen
2026-03-06
Last Seen
0
Known TTPs
37.9d
Avg Delay
0
Negotiations
ONION URLS
gwv7qyneta6h327ik6thk32ww4qpkniissuq7gpvcghbu6vuupmziw2f.onion
TOOLS
Process Hacker
TDSSKiller
MegaSync
SystemBC
Rubeus
FILE EXTENSIONS
.oops
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
| Date | Victim Name | Country | Sector | Status |
|---|---|---|---|---|
| 2026-03-06 | Delta Corp | United States | Telecommunications | Removed |
No TTPs data
No YARA rules
No IoCs
No ransom notes