Total Victims: 0
First Seen: 2024-04-01
Last Seen: N/A
Known TTPs: 0
Avg Delay: 22.3d
Negotiations: 0
ONION URLS
gxefk6pcywvi5vj2uqaefl6ecrm4y7cmopww2ddgmzktykebm5jqbkdq.onion
oii2d2i7d4ka2rhdgrjjqm74ndeucdavlyvwveege5odf2p4zh3vlkdq.onion
TOOLS
Babuk ESXi variant
FILE EXTENSIONS
.SEXi
Date | Victim Name | Country | Sector | Status
No victims recorded

No TTPs data

No YARA rules


No ransom notes