Ransomware Intelligence

ransomhouse Ransomware Group

Ransomware group profile

76Victims
RussiaSource country
82Impact score
Also Known As
Jolly Scorpius

Description

RansomHouse is a cybercriminal organization that specializes in data extortion through ransomware attacks, primarily targeting organizations with unpatched vulnerabilities. They employ double extortion tactics, encrypting data while threatening to leak it if ransom demands are not met. As a Ransomware-as-a-Service group, they have gained notoriety for their sophisticated phishing campaigns and exploitation of critical network weaknesses.

Key insights

  • Employs double extortion tactics by encrypting files and threatening to leak sensitive data.
  • Specializes in exploiting unpatched vulnerabilities and deploying advanced social engineering techniques.
  • Utilizes Ransomware-as-a-Service (RaaS) model to scale operations and tailor attacks to victims.
  • Targets various sectors, including healthcare and retail, with a focus on organizations with weak cybersecurity measures.
  • Utilizes tools like MrAgent and Mario ESXi for ransomware deployment and execution.
  • Recent activities indicate a shift towards targeting smaller, less-prepared organizations.
  • Ransom demands are typically paid in cryptocurrency to maintain anonymity.

Threat Level & Status Breakdown

For ransomhouse · Based on incidents in selected period

2.6threat level
Aggressiveness7/ 10
Lethality0/ 10
Criticality0.4/ 10

Status Breakdown

Claimed100.0%76
First seenJul 2025
Last seenJul 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJul 15, 2026

Recent activity

Monthly attack count for ransomhouse in the selected period

76Total attacks
18peak in Oct
5.8avg / month
↑ 3 vs first month
JulAugSepOctNovDecJanFebMarAprMayJunJul05101520

Intelligence

IOCs, YARA/Sigma rules, and related families for ransomhouse

  1. 50520639cf77df0c15cc95076fac901e3d04b708
  2. 5bef7608d66112315eefff354dae42f49178b7498f994a728ae6203a8a59f5a2
  3. bfc9b956818efe008c2dbf621244b6dc3de8319e89b9fa83c9e412ce70f82f2c
  4. bf80c96089d37b8571b5de7cab14dd9f
  5. d6d6174ec5370d8ffa8a163863544d52501813dc
  6. 26b3c1269064ba1bf2bfdcf2d3d069e939f0e54fc4189e5a5263a49e17872f2a
  7. 7e35c5a7ff185dbff35e05fa91385cbf
  8. ea6adefdd2be00d0c7072a9abe188ba9b0c9a75fa57f13a654caeaaf4c3f5fbc
  9. a97a28276e4f88134561d938f60db495
  10. d36afcfe1ae2c3e6669878e6f9310a04fb6c8af525d17c4ffa8b510459d7dd4d
  11. 01735bb47a933ae9ec470e6be737d8f646a8ec66
  12. 518544e56e8ccee401ffa1b0a01a10ce23e49ec21ec441c6c7c3951b01c1b19c
  13. 2c89a18944d3a895bd6432415546635e
  14. e078778b62796bab2d7ab2b04d6b01bf
  15. b9e4784fa0e6283ce6e2094426a02fce
  16. 3751997cfcb038e6b658e9180bc7cce28a3c25dbb892b661bcd1065723f11f7e
  17. 6e39063ca953f46f1d2fe50e9934aac4d0f08855b7b6b8d8996e7790da4e2d06
  18. ade84908dde9e1fbed35f643b210a6e2ade1f7c7
  19. b379d8f583112cad3cf60f95ab3a67fd
  20. 0fe7fcc66726f8f2daed29b807d1da3c531ec004925625855f8889950d0d24d8
  21. 0dcbb7c7af77efd4a2b39f2303806fcd
  22. b27ff24870d93d651ee1d8e06276fa98
  23. b1221000f43734436ec8022caaa34b133f4581ca3ae8eccd8d57ea62573f301d
  24. eae09889399fe4fb8e78b114dba0527de913d12fb1802944a88ed136e3e90577
  25. 8023d01ffb7a38b582f0d598afb974ee
  26. 94f73b5dc06ba6705fcef3e759413a747049c2949a0c2e44afc03b2f9989cf73
  27. c0ec15e08b4fb3730c5695fb7b4a6b85f7fe341282ad469e4e141c40ead310c3
  28. 0a77e537c64336f97a04020e59d17d09d459d1626a075878e2b796d1e1033038
  29. ba4d58f2c5903776fe47c92a0ec3297cc7b9c8fa16b3bf5f40b46242e7092b46
  30. bab3c87cac6db1700f0a0babaa31f5cd544961d1b9ec03fd8bcdeff837fc9755
  31. 905b18d5df58dd6c16930e318d9574a2ad793ec993ad2f68bca813574e3d854b
  32. 5724d76f832ce8061f74b0e9f1dcad90
  33. 6f53f99b0a19150d53244d691dd04e80
  34. c3804d1329b55a37bfa2f835e1e9bbc7bdb2b260f8e3627c06e02c9f52685d44
  35. 6bb0c60195d90b032a3488b50a38a797dfcf9104
  36. a638fd203ddb540d0484d8e00490df06
  37. e06520c65bf27d9110d68ecc0de0e0824c3a99be080ead1a5b5be8fd2a26d12d
  38. 5995aaff5a047565c0d7fe3c80fa354c40e7e8c3e7d4df292316c8472d4ac67a
  39. afe398e95a75beb4b0508c1bbf7268e8607d03776af0b68386d1e2058b374501
  40. e1de05a2832437ab70d36c4c05b43c4a57f856289224bbd41182deea978400ed
  41. 0f11aeecbde1f355d26c9d406dad80cb0ae8536aea31fdddaf915d4afd434f3f
  42. df72a87f9cbeb9e659f1a833c256a76650d91f28
  43. a3dbcc9d4e1dd523f2848689f7e0753465de6188cfac4d3a52389ab1ec3db836
  44. 2809e15a3a54484e042fe65fffd17409
  45. 98380ec6bf4e03d3ff490cdc6c48c37714450930e4adf82e6e14d244d8373888
  46. 2c1a4fe4a2ac4f0a49052f9521458136eb477fe23665dc4b7076fbd32de3005d
  47. e1c371c7c39c16d208bcbaa5b5d0714df696e6ef68b95a880673a904527c8b96
  48. 7d100a7028f7c3e398602bba56e1dc0a5550e730
  49. e9b209606646f98d65dc4c95534eb01aecb087c9
  50. 4a8f0331abaf8f629b3c8220f0d55339cfa30223
  51. 09eb513f284771461bcdc16ee28d31ce8bbe74e0
  52. 6e01ef1367ea81994578526b3bd331d6
  53. 4d97497247e65144814d99eb0dab77d39f4863058dd1109637d5be39be082c57
  54. e7622d983d22e749b3658600df00296d
  55. e79984ea02b2049b1e74452013529da5
  56. f58cf55b944f5942f1d120d95140b800
  57. 7eec7d07587112777016e5742c0d002d7e64a3e1fe7bde82fed8f65e3663456a
  58. 7ae38a27494dd6c1bc9ab3c02c3709282e0ebcf1e5fcf59a57dc3ae56cfd13b4
  59. aac5d83d296df81c9259c9a533a8423a
  60. 3934b3da6bad0b4a28483e25e7bab919d7ed31f2f51cca22c56535b9f8183a0e
  61. aba978d4c2d2cab9801979b54065a07cd11eddff
  62. 3243e04afe18cc5e1230d49011e19899
  63. 9fd32ffbe2bfe0f1b9bf8c0ebd09697d
  64. 0a18d66e3f72e21b9a507739dbeb009d017dcfe0
  65. c6b727d7cff517577db838db18ad17b46334d3c91c2e50893634e56cdc19e41f
View full IOC feed233 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for ransomhouse

Other

T1486

T1486

T1490

T1490

T1078

T1078

T1059

T1059

T1021

T1021

T1562

T1562

T1547

T1547

T1021.001

T1021.001

T1080

T1080

T1003

T1003

Victims(76)

CompanyDomainCountryIndustryStatusDiscovered
Fidelity Services Groupfidelity-services.comGB United KingdomFinancial Services
Claimed
about 21 hours ago
Megaworkmegawork.com.brBR BrazilProfessional Services
Claimed
about 1 hour ago
[DISCLOSED]Prince George County
Claimed
10 days ago
[EVIDENCE]Prince George County
Claimed
14 days ago
[DISCLOSED]Karl Chevrolet
Claimed
24 days ago
Bonaciobonacio.comIT ItalyOther
Claimed
17 days ago
Prince George Countyprincegeorgecountyva.govUS United StatesGovernment & Defense
Claimed
29 days ago
Promeplapromepla.comAR ArgentinaManufacturing
Claimed
30 days ago
Ma Pak Leung Company Limitedmapakleung.comHK Hong KongOther
Claimed
about 1 month ago
Aegle Aviationaegleaviation.comIN IndiaTransportation
Claimed
about 1 month ago
Karl ChevroletUS United StatesRetail & E-Commerce
Claimed
3 months ago
Cybersecurity VendorNA NamibiaTechnology
Claimed
3 months ago
Star Energy Geothermal Salakstarenergy.co.idID IndonesiaEnergy & Utilities
Claimed
3 months ago
Jiangsu Zenergy Battery Technologies Group Co., Ltd.zenergy.cnCN ChinaEnergy & Utilities
Claimed
3 months ago
Winnitex (Americas) Limitedwinnitex.comUS United StatesManufacturing
Claimed
3 months ago
Trellix (McAfee & FireEye)trellix.comUS United StatesTechnology
Claimed
2 months ago
Transaction Packing Inctransactionpacking.comUS United StatesTransportation
Claimed
3 months ago
[DISCLOSED]Accelerated Services
Claimed
3 months ago
[DISCLOSED]Bioptik TechnologyTW TaiwanTechnology
Claimed
3 months ago
[DISCLOSED] Irec SasFR FranceHospitality
Claimed
4 months ago

Page 1 of 4