Ransomware - DoNex

DoNex
Decryptor Available
No
Description

This entry is under construction. However, we have included some details below.

Ransomware Type
Crypto-Ransomware
Data Broker
First Seen
Extortion Links
Medio
Enlace
TOR
http://g3h3klsev3eiofxhykmtenmdpi67wzmaixredk5pjuttbx7okcfkftqd.onion
Extortion Types
Direct Extortion
Double Extortion
Free Data Leaks
Communication
Medio
Identificador
Email
[email protected]
Tox
2793D009872AF80ED9B1A461F7B9BD6209744047DC1707A42CB622053716AD4BA624193606C9
File Extension
<file name>.<file extension>.<9 alphanumeric character victim ID>
Ransom Note Name
Readme.<9 alphanumeric character victim ID>.txt
Ransom Note Image
DoNex-RansomNote-0adde
Click to enlarge
Samples (SHA-256)
0adde4246aaa9fb3964d1d6cf3c29b1b13074015b250eb8e5591339f92e1e3ca
Known Victims
Industry Sector País Extortion Date Amount (USD)
Distribution & LogisticsNetherlands
Banking & FinanceUnited States
Retail & WholesaleItaly
Music & EntertainmentCzechia
EducationBelgium
References & Publications
PCrisk: DoNex Ransomware
Ransomware Tracker