MalwareFinder

Samples for Ransomware Actors

Feb 26th, 2018
  1. UnderMarket - Available On [ iOS - Android ]
  2. un62d2ywi33bho53.onion
  3.  
  4. Archive7 - Darkrai P2P Botnet
  5. hxxp://archive7bgastbl4.onion/en/botnets/
  6. hxxps://keybase.pub/horsecock/Net%20Files/Botnet /P2P/~B1NARY~%20Darkrai
  7.  
  8. Loki Bot - C&C
  9. hxxp://216.170.114.116/free/Panel/PvqDq929BSx_A_D_M1n_a.php
  10. hxxp://216.170.114.116/test/Panel/PvqDq929BSx_A_D_M1n_a.php
  11. hxxp://216.170.114.116/papa/Panel/PvqDq929BSx_A_D_M1n_a.php
  12. hxxp://216.170.114.116/rumuokoro/Panel/PvqDq929BSx_A_D_M1n_a.php
  13.  
  14. hxxp://185.24.233[.]139/dom/
  15. hxxp://185.24.233[.]139/hmt/
  16.  
  17. JackPOS - Control Panel
  18. hxxp://mdksimon[.]su/jack/admin.php
  19.  
  20. Russian Email Scheme APT actors
  21. hxxp://kvhmod3vuhc6yrkv[.]onion
  22.  
  23. AZORult Stealer - Source Code
  24. hxxp://www74.zippyshare[.]com/v/SDznjGAy/file.html
  25.  
  26. Alcatraz Locker Admin Panel - Ransomware Source Code
  27. http://185.62.189.221/admin/login.php
  28.  
  29. GandCrab Ransomware
  30. nomoreransom[.]bit
  31.  
  32. Zyklon HTTP - Source Code
  33. hxxp://www59.zippyshare[.]com/v/kugrSYDt/file.html
  34.  
  35. Alcatraz Locker Admin Panel - Ransomware
  36. Delete Bot
  37. http://185.62.189.221/admin/login.php
  38. http://185.62.189.221/Ransomware.exe
  39.  
  40. Loki and Pony - Control Panels
  41. hxxp://svit-zer[.]com
  42.  
  43. Mining in a botnet - 1ms0rry MINERPANEL - Control Panel
  44. hxxp://www.iplaymobporn[.]com/index.php
  45.  
  46. Tor Network - BlaCk Market - Bad Boys, Bad Boys Everywhere!!
  47. hxxp://darknetncj7k6wzk[.]onion/ads/oc-admin/index.php?page=logi
  48.  
  49. Bankbot - Android
  50. hxxp://bot.mymaster-rem.ru
  51.  
  52. Pony - Control Panels
  86.  
  87. Unknown Miner Panel - Control Panel
  88. hxxp://109.234.36.233/
  89.  
  90. Adobe Flash Player
  91. http://kovabe.pornogirl4u.ru/
  92. http://sctidxj.pornogirl4u.ru
  93. http://retro.pornogirl4u.ru/
  94.  
  95. Mosad - Build by Redo
  96. hxxp://www.x1i9v5[.]net/awzu/
  97. hxxp://servicioylogistica[.]com/tes/
  98. hxxp://cul8er[.]net/test/
  99. hxxp://k5v30x[.]net/axyo/
  100.  
  101. Bilal Ghouri
  102. http://darkbastard.com.de/rolex/PHP/
  103. http://darkbastard.com.de/kenedy/PHP/
  104.  
  105. MegalodonHTTP
  106. hxxp:timaya[.]ru/Panel/login.php
  107.  
  108. Android Banking Trojan - FlexNet - From Russia with Love - Control Panel - Source Code
  109. hxxp://getmygoodideas[.]win
  110.  
  111. MazAr Botnet - Android Botnet - Commands
  112. http://antisec-security.blogspot.kr/2016/11/mazar-botnet-source-code-android-botnet.html
  113.  
  114. Russian Ransomware with Love -
  115. unlckr@protonmail.com
  116. hxxp://n3r2kuzhw2h7x6j5[.]onion
  117.  
  118. Linken Sphere - The most safety and user friendly antidetect in the world .. 🧐🧐 .. We are pleased to bring to your attention the most convenient and safe tool for working in the Internet ..
  119. hxxps://ls.tenebris.cc
  120.  
  121. AZORult : hxxp://iddqdp.pw/
  122. Lite HTTP : hxxp://185.170.43.187/wjsjltaipbnypilx/
  123. Kronos : hxxp://casaroyai.com/op-kron/login.php
  124. Safe Loader : hxxp://user72247.7ci.ru/
  125.  
  126. Dark_VNC - Control Panel
  127. hxxp://37.48.125.112/login.php
  128. hxxp://95.211.100.137/login.php
  129. hxxp://144.217.139.136/login.php
  130. hxxp://81.171.14.130/login.php
  131.  
  132. iSpy Premium
  133. http://www.shipment.org.uk/panel/login
  134. admin:chima12
  135. http://ud1.minervamarines.com/panel/login
  136. admin:admin
  137.  
  138.  
  139. Plasma HTTP :
  140. http://pn8.pw/p/login.php
  141. Blue Botnet :
  142. http://kingstress.net/login.php
  143. Diamond Fox Botnet v2 :
  144. http://grenmill.com/diamond/
  145. Citadel Botnet :
  146. http://nolimitme.com/999/cp.php?m=login
  147. Pony Botnet v2.2 :
  148. http://telecomtrust.in/p/admin.php
  149. ZeuS Botnet :
  150. http://telecomtrust.in/z/cp.php?m=login
  151. Chrome Form Grabber :
  152. http://telecomtrust.in/grab/index.php?p=login
  153. iSpy Premium :
  154. http://www.thebrandsanctuary.com/panel/login
  155. Bilal Ghouri - Stealer :
  156. http://ajr-insuranceintl.com/js/
  157.  
  158. Pony + Anonymous
  159. http://eternity-hacks.ru/admin.php
  160. http://stealermi.mcdir.ru/admin.php
  161.  
  162. ZeuS Botnet.
  170.  
  171. AB Stealer
  172. hxxp://hfw-server.xyz/stee/
  173. hxxp://verifydox.life/Ab/
  174.  
  175. Pony Botnet
  176. http://eternity-hacks.ru/admin.php
  177. http://stealermi.mcdir.ru/admin.php
  178. http://private1.mcdir.ru/admin.php
  179.  
  180. Dark_VNC - Control Panel - From Russia - Source Code
  181. hxxp://37.48.125.112/login.php
  182.  
  183. LiteHTTP - Process : stdafx.exe => "NVDisplay.exe" --api --server
  184. http://zec.suprnova.cc --user badgateway.1 --pass x --port 2142
  185.  
  186. Brazilian Banking Trojan - Control Panel
  187. hxxp://multimarcas2017.web6203.kinghost[.]net/lor/
  188.  
  189. Threat Actors for Ransomware
  190. ------------------
  191. Nemesis Ransomware - ALL YOUR WORK AND PERSONAL FILES HAVE BEEN ENCRYPTED - You can find out the details / buy decryptor + key / ask questions by email: MerlinGudvadlon@protonmail.com - hxxp://jz3sncvmveprhihk.onion
  192. ------------------
  193. All your files have been encrypted! All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail decrypt.guarantee@aol.com
  194. ------------------
  195. All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail rememberggg@tutanota.com.You have to pay for decryption in Bitcoins
  196. ------------------
  197. Ransomware - Your network has been penetrated. Backups were either encrypted or deleted or backup disks were formatted - Victim : 124 - Contact email: 1173022@protonmail.com
  198. ------------------