benzona
Ransomware group profile
14Victims
Description
No description available for this group.
Threat Level & Status Breakdown
For benzona · Based on incidents in selected period
2.7threat level
Aggressiveness3.5/ 10
Lethality0/ 10
Criticality4.8/ 10
First seenNov 2025
Last seenJan 2026
Avg ransom—
Payment rate—
Recent activity
Monthly attack count for benzona in the selected period
14Total attacks
6peak in Jan
4.7avg / month
↑ 1 vs first month
No intelligence data for this group.
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for benzona
Defense Evasion
T1562
Impair Defenses
T1027
Obfuscated Files or Information
Execution
T1059
Command and Scripting Interpreter
Impact
T1486
Data Encrypted for Impact
T1490
Inhibit System Recovery
Lateral Movement
T1021
Remote Services
T1021.001
Remote Desktop Protocol
T1080
Taint Shared Content
Persistence
T1078
Valid Accounts
T1547
Boot or Logon Autostart Execution
Victims(14)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| casamedica.com.gt | casamedica.com.gt | GT Guatemala | Healthcare | Unknown | 4 months ago | |
| empreinte-hotel.com | empreinte-hotel.com | FR France | Hospitality | Unknown | 5 months ago | |
| *a*ame*i*a.com.g* | — | — | — | Unknown | 5 months ago | |
| ccbrt.org | ccbrt.org | TZ Tanzania | Healthcare | Unknown | 5 months ago | |
| em***int*-ho***.com | em***int*-ho***.com | NA Namibia | — | Unknown | 5 months ago | |
| cc***.or.*z | — | NA Namibia | — | Unknown | 5 months ago | |
| taminsho.com | taminsho.com | IR Iran | Healthcare | Unknown | 6 months ago | |
| platinumone.in | platinumone.in | IN India | Technology | Unknown | 6 months ago | |
| SUNNYGO.COM.TW | sunnygo.com.tw | TW Taiwan | Retail & E-Commerce | Unknown | 6 months ago | |
| suzuki-ploiesti.ro | suzuki-ploiesti.ro | RO Romania | Manufacturing | Unknown | 6 months ago | |
| poliserv.ro | poliserv.ro | RO Romania | Professional Services | Unknown | 6 months ago | |
| mazda-ploiesti.ro | mazda-ploiesti.ro | RO Romania | Manufacturing | Unknown | 6 months ago | |
| dacia-ploiesti.ro | dacia-ploiesti.ro | RO Romania | Transportation | Unknown | 6 months ago | |
| sevci.org | sevci.org | CI Ivory Coast | Healthcare | Unknown | 6 months ago |
Affected countries(9)
Countries where this group has been reported to target or leak victims.