TorrentForce Inactive

Ransomware group first observed in 2022. Uses Atera for deployment.
PDF Report Back to Groups
0
Total Victims
2022-09-01
First Seen
2024-12-16
Last Seen
14
Known TTPs
32.5d
Avg Delay
0
Negotiations
ONION URLS
niyuiarif3jomzlwucnduivucr7q4ag7yriwldloejwebqoijheqw7wz.onion
TOOLS
Atera Meterpreter Chisel Cobalt Strike FileZilla
FILE EXTENSIONS
.locked
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
Date Victim Name Country Sector Status
No victims recorded
Technique ID Technique Name Tactic
T1003.001 LSASS Memory Credential Access
T1036.005 Match Legitimate Name or Location Defense Evasion
T1140 Deobfuscate/Decode Files Defense Evasion
T1562.009 Safe Mode Boot Defense Evasion
T1016 System Network Configuration Discovery Discovery
T1049 System Network Connections Discovery Discovery
T1135 Network Share Discovery Discovery
T1047 Windows Management Instrumentation Execution
T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol Exfiltration
T1485 Data Destruction Impact
T1486 Data Encrypted for Impact Impact
T1491.001 Internal Defacement Impact
T1098 Account Manipulation Persistence
T1547.009 Shortcut Modification Persistence

No YARA rules

No IoCs

No ransom notes