Ransomware Intelligence

bqtlock Ransomware Group

Ransomware group profile

11Victims
UnknownSource country
71Impact score
Also Known As
BAQIYATLock
Liwaa Mohammad
BQTLock
BQT Ransomware
bqtlock

Description

BQTLock, also known as Baqiyatlock313, is a ransomware group that emerged in July 2025, utilizing a Ransomware-as-a-Service model. Despite its pro-Palestinian messaging, the group's primary motive is financial gain, targeting various sectors through phishing and exploiting vulnerable systems.

Key insights

  • Operates under a Ransomware-as-a-Service model with tiered affiliate access.
  • Targets healthcare, manufacturing, and professional services sectors.
  • Employs double extortion techniques, threatening data publication if ransoms are unpaid.
  • Utilizes a hybrid AES-256 and RSA-4096 encryption scheme for file encryption.
  • Gains initial access through phishing, exposed RDPs, and vulnerable software.

Threat Level & Status Breakdown

For bqtlock · Based on incidents in selected period

1.8threat level
Aggressiveness2.8/ 10
Lethality0.5/ 10
Criticality2.4/ 10

Status Breakdown

Data Leaked9.1%1
Negotiating9.1%1
Claimed36.4%4
First seenJul 2025
Last seenApr 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJul 1, 2026

Recent activity

Monthly attack count for bqtlock in the selected period

11Total attacks
4peak in Dec
1.8avg / month
↓ 1 vs first month
JulAugOctDecJanApr01234

Intelligence

IOCs, YARA/Sigma rules, and related families for bqtlock

  1. 789c2008899fae1ef90205c72d15dc04803baa1c
  2. 7d24b4af7a5b9e599862bf1566c64e6465871cf3d360676346088eb2f176ae07
  3. 7170292337a894ce9a58f5b2176dfefc
  4. 49f89b2fdef345a9d92fc821e4a226d8ac99e4ca0d2d11b5654f6557800b85f2
  5. 89c591228df334c3a974ed7b96e2060258171b78
  6. a6d91094a222da6576260abf52a07b79
  7. 9323fca75a86c75ffbdcc88ed8f35e5a
  8. de96beb0baa7243dd7f39b2c400bbc44
  9. 375d5d81cba2a78967604c6b77369e79
  10. d8f6dad64c78b9767d8c2004c05bce64d30d8d268276dfff4adab45781e6fe1c
  11. 84c7bfb0e243dd99b674e48701acab6b
  12. 507eae5d91a3e0ad47130b5103e35e1d621163e5
  13. 455a77c86d57447e04b6b3781e1076a88a8635ed
  14. af90666822646e35eb52248f4a89eb715ce9f44459205bc24827a2aafe053548
  15. d4999a1bd31343ef380147b10c2a185411cd5413
  16. 69e6fa25e66c23121826805bbcb890ac
  17. e0e3a45da417eaa356c2ca00d71dae0edd42a24f
  18. 9600db537e27db88ed2eca3be0ffab35cdb22a86a6dbb048d8deaf8f56944822
  19. 5ffa525fead0b2d81d8bbfa0630aebee5f0b2d3f4ab583e92ac41e6c8f814661
  20. 67e7b0bf057c8c7ef117be16a168833235920d0af16921ff59d0866f0d05e050
  21. b02679ecb54344490f87f91dda88ace6
  22. a441e0a25276952bb4fa2f29e06fc209
  23. 425b2f283b71237276f84d941d9c2982c7f61a9aff12ece10e15065b73b7165e
  24. f2319166e6ab26471ce68adc7dcebe0192d27d8d
  25. b91ea42a34f873a155e7d1fba412cd2946cb362f
  26. a065c2d25096957126b9739f95810a12
  27. 53385e0fd7fc9c88080abf5b97cd5b84b31c876e
  28. ba8291a7d062dcfcdf824399b42eef9f
  29. 7d6f7a6e5bac9045039afd062e0eae9a25ee82c2
  30. ebc2ad209a2b0c70abbdc670507712f50fe2b29e
  31. 7c0b31d787e926082607e773ed4b9b45
  32. 4369aed581de0fe84c25a1ef2c3cf0bb6bf70df8b51fdf38b3b0b2a55f43261b
  33. 162e4777b60919f8d2747588181135f5664eee20
  34. 7440e0323df806c324ebcc97306687db
  35. 5b992a3438e344dddcdd66151a40efb3452b2ff37cdc40b37db612afeb29ed29
  36. b5b6ca51a18389e8d0fb624bd0d876041b5cdfa9
  37. f0560d544a8b310b6b6446be10f8d10a1f706171
  38. cd4dad081f725dfbfb7a953be2d375e642cb70b31c657855f6acb0b6f1cb0a4f
  39. 881b048234ebed82339244eb0c18580d785944dc82f83949f6adc1a9bc225c3b
  40. ed5471d42bef6b32253e9c1aba49b01b8282fd096ad0957abcf1a1e27e8f7551
  41. d647659069d09b59a0e5d3608df314b2
  42. d6cb9f18705c34c515dbfd59c4015576
  43. 67a315a0fe8d466f71716a83ab0e745ec4a7fa2e210a1b06e3396b516f554554
  44. 4525387f28bee6bb48d07e6989319f382447a8a6e48ae11f332dee9916feb8cc
  45. caef2db273f466df3e2fa8c61bca6f9d58c99057
  46. c57a95d05d2f82d68204431bc8bd4d99bb1e4811
  47. 22d892ee990b3d75e3fff497b75667dd
  48. f52d8ae29652f58eda468caf80aebc33
  49. 2aae1d749353067f5afb5bebedb5249047f60e7aaa9684ac7c779a0908b1573c
  50. dae6729cc3bfcbd700fc7e46818aada2
  51. 9547933dd46501af7fc095a3513e48b81178e344b86e075b679259875f0fd5a7
  52. 4b4d6e2ffbbc2f2e13202125cbff097b2eedd654
  53. 11affbeb18f4d6edcc9a4be5a82f8e23dfc31178887e97119faa5ddc75990494
  54. ce9a67a19b71a59ea70f634a5645e7d1a56ec293
  55. 4e7434ac13001fe55474573aa5e9379d
  56. d4ecadc8b0887023abe0f0a8459ee5a9f8414e1d
  57. 0e94ec2e86ad128c1a998e462c3aba2b38fb0714980aa97e4013cb314127d25a
  58. afa5c27726efe4576e1161c0c17f83524a447c4f
  59. 16b4f2af4cd1d1e1fd2089d0c0697534
  60. dbc6750d065d4ab641877b630cc7f59866c91183
  61. 3c8d106f63d1ed921f9b8c7d103d73cd591fe19c
  62. 00005ed250d85fc47e4c3883b8e6179a9888b8140acfeb94a40edc36bd523adb
  63. 22fc83d0eb4cfac43772694a6878960d4ce47d13
  64. ee6fc659d64a771ce7a0a265e035f290
  65. ab04fc3cbe5aa5f61e603328969673d027d82a27a5958f669893bb8f3cf66cba
  66. a18c29c72d1808477727ec2a611cee0f22ecd435457265bcf10823e0980c3636
  67. cd5e7b3b59cea14b804f6c01821d1ab94a0046422fe956f623b238c5db0cac99
  68. 7ff1a6efe00d7b78094d3eb1740f179c
  69. c34d690bbe1f9dc78066c881e3596505
  70. d244b63e40aab7299d194c11bf060054
  71. 9cd62dbace3324487124787127cff7c63a9f005d8d3aff9bac28c437e5caefc7
  72. 2db8cce5bb24a768a7a60c28e46b8b1e1655fc5f
  73. ac8acef11171d3d45bb9386b59f7e2a9
  74. 110df49522d46b612a28bafbdff3405c
  75. 793813ddcc1ea542c98b0c082a025a2a
  76. f558a0bcd20e01e46551a491c66114e8
  77. a8dd699bbf697e84023ffc38beaeaa3660655f44
  78. 6a154a0319db6f9d10210b91b4ab614cdb822dd3
  79. 6169d9521df9b4149f055be01088bb62548a180f
  80. 10938c2d01dc999d2fe1f8c635e3705e7e663077935a17e730c849d1191c76ed
  81. 213afdbedfd181f4ff5bc831cbf22595648694a7
  82. 9569c8631bcd37da1a5048d979362804
  83. 630edad05cfe37d5435d12afb88ac9106bde19b5
  84. 9c58050d0fb79c4863ae6df6aa661d9e
  85. 196509ec4599d93a1cf42d70623ac9098c8979bb
  86. 058a1dbfa03cac6cc67d34a4dcc69445
  87. 73a0b940a037a2c20f1e2a9426be8d05933e1874
  88. b7796a3b1812f329c43d5d37bbb6d8032b7bc06b15af29f555eb3e0c7b1b1c3d
  89. 406e6065cac225b47784fb07230962e28abbb6fa
  90. fbd67a3bcc964e370931f620a85bf368d7b5797ebc1d53fe3be11a89a90e7961
  91. 5531198fdd7c3691be3b0bb2e449dafa29620c85
  92. 97524f4c582e0fbe46b74a7cfe4db9f078f368520cda25f27a50c5d2c50161f9
  93. 780e34c72404fd464669626ae554b81393d2bae95293284b375bb5d989914486
  94. 56eec59a5fe3f5a3c2c836701557bf1956770f465cd9e049995b86aef76a3e39
  95. a6a397fec6c109a1402c6f1144d647843b2093f65fedd27204b40ebeea0640b6
  96. 972b1677621bbdc45ef61c56cd9909d2
  97. 5be5795b1aec7dc36b8937ee9122f6bdc6d94745
  98. b211537ea626fae4ad2ef5ee2652633dc68aaf20da6eb953a44f266c4106b367
  99. 1859f56847ccabc6581a56f55041955f
  100. 862f29aa00bb4ee33729bc6699990dbdf9ef890b8364f8288b173cb1ca5d6787
  101. e261a796d883fe301715798519228480
  102. e0080e35657caed78566384a2e7b1ef4
  103. bc8cc3ca2a45ebb934cd71218d9b56b3
  104. dacbba7f18d0835deb2eeb4e4d82c8f57234767291a90da1a5f3fd02d6bc13c2
  105. 5befee1210165646b4bb6574663f01ace27c630e
  106. 3478194a509ae4d2f0a31435952b27bc
  107. 6fa76affe2bcf806e0abf98c1086971395324697
  108. b098f67726a4a3f7277b3f41a86d503c
  109. 2b0698d2a85c000e83242a06708461895deec84c
  110. e73abc48015c54214b2edae4a6d1ed25
  111. e2622ede1ebe5a37c439a32f0c63c13f893d1e5513b27367502898651cc5464b
  112. 008ec0226066572f4b27f100d08443120b9dd55cefbec2bbff994b5b552e546c
  113. 0ccd3f2d7e6637eaf5414e35b97d9d8bf6b8e4182859cace8ca8e02377a4e62a
  114. 3857744a651da4e431083180798041a5e888b09334a1a04c2c047216f471b0f6
  115. acf3b7f2f07f5d04083f99b82eb0c8ba
  116. 4f935fd188b1e9965e083f72ec33712dae53409a
  117. f77c203d0c80598954c06a0f6f0c46f8b885ba423d12a21f13ded0168aa11b10
  118. b61ae633616d7dd29aaf0b170fdfbe8f282c0f8bdcb1c52aedee473ce4bf5789
  119. 38f8aa1447a7b8b445499e45102ae84b51fb52e3
  120. 590e47944ef0597bf1ff1d41656859b776e7031a4611cbf22d619002cbe49312
  121. 618070d597dd73c43ba5d4bde2baa93a4f6038e3279de3bafe688caa5c409a58
  122. 324eabc27a25f524c94bb62573986b3335ab5181ddc6825d959d16aaaccdc7aa
View full IOC feed276 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for bqtlock

Other

T1486

T1486

T1490

T1490

T1021

T1021

T1562

T1562

T1080

T1080

T1078

T1078

T1547

T1547

T1059

T1059

T1021.001

T1021.001

T1105

T1105

T1071.001

T1071.001

Victims(11)

CompanyDomainCountryIndustryStatusDiscovered
Metro Hospital USAUS United StatesHealthcare
Negotiating
3 months ago
DGMIL IsraelTechnology
Unknown
6 months ago
Morning Desert SafariAE United Arab EmiratesHospitality
Unknown
6 months ago
Arabian Desert SafariAE United Arab EmiratesHospitality
Unknown
6 months ago
Dhow Cruise Dubai HarbourAE United Arab EmiratesHospitality
Unknown
6 months ago
Hatta Heritage VillageAE United Arab EmiratesHospitality
Unknown
6 months ago
Adore UAEadoreuae.comAE United Arab EmiratesRetail & E-Commerce
Claimed
9 months ago
EPS FUJ Private School UAEepsfuj.comwAE United Arab EmiratesRetail & E-Commerce
Claimed
9 months ago
European Business Server Clusterbizoneo.comIE IrelandRetail & E-Commerce
Claimed
11 months ago
eFunda, Inc.efunda.comUS United StatesRetail & E-Commerce
Claimed
11 months ago
USA Military Alumni NetworksUS United StatesGovernment & Defense
Data Leaked
11 months ago