TenebrisData Active

Ransomware group first observed in 2017. Uses Process Hacker for deployment.
PDF Report Back to Groups
1
Total Victims
2017-02-01
First Seen
2026-03-07
Last Seen
0
Known TTPs
11.1d
Avg Delay
0
Negotiations
ONION URLS
l5vp2qdwhh5jkiem42bqs5w6cfgz3vxyjkartvm5xhmuhybwlnjxl4t5.onion
TOOLS
Process Hacker SharpHound Cloudflare Tunnel
FILE EXTENSIONS
.doom
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
2026-03-07 Sapphire Industries United States Utilities Published

No TTPs data

No YARA rules

No IoCs

No ransom notes