Gunra is a financially motivated ransomware group that emerged in April 2025, using double-extortion tactics against real estate, pharmaceuticals, and manufacturing sectors across Japan, Egypt, Panama, Italy, and Argentina, deploying separate Windows and Linux variants with a strict five-day payment deadline.
Genera un perfil del actor con IA (defensivo) cuando lo pidas.
Este grupo no tiene TTPs curadas. Puedes generar un mapeo MITRE ESTIMADO por IA (no confirmado) a partir de su descripción/notas, solo cuando lo pidas.
Para detección/bloqueo en tu EDR/SIEM. Fuente: ransomware.live.
Firma de detección defensiva para este grupo (úsala en tu EDR/SIEM). Fuente: ransomware.live.
/*
gunra ransomware
*/
rule gunra_Ransomnote
{
meta:
author = "ransomware.live"
family = "ransomware.gunra"
description = "Detects gunra ransomware ransom note or artifact"
date = "2026-05-04"
severity = 7
score = 70
strings:
$name1 = "gunra" ascii nocase
$name2 = "GUNRA" ascii
$onion = "gunra.onion" ascii nocase
condition:
any of them
}
Your data has been encrypted, and we have taken copies of certain sensitive files. This encryption was carried out for financial reasons, and a payment will be required before we can provide the tools needed to restore your data. You will not be able to restore your data without our assistance. We can ensure full recovery if we work together. To show that we are able to restore your files, we can decrypt a few non-critical files at no cost. If we reach an agreement, we will keep all discussions private and delete the data we took. Please see the contact information below for the next steps. ========================== How to Contact Us ========================== Please download Tor Browser from the URL [redactado] Then install and open it. Then connect to the URL below and log in with the given credentials. Contact URL: [redactado] Client ID: [snip] Initial password: [snip]
[AI generated] N/A
[AI generated] N/A
| Organización | País | Sector | Grupo | Descubierta |
|---|---|---|---|---|
| MHE9 Logística Ltda | BR | Transportation/Logistics | — | 12 jun 2026 |
| Suárez&Clavera | UY | Business Services | — | 12 jun 2026 |
| Cambridge Law Chambers | BS | Business Services | — | 9 jun 2026 |
| STAREMPIRE | VN | Not Found | — | 30 may 2026 |
| SOMAFIX | FR | — | 29 may 2026 | |
| Grupo PyD | AR | Construction | — | 8 abr 2026 |
| Ipiranga Contábil | BR | Business Services | — | 8 abr 2026 |
| miraense.com | BR | Not Found | — | 1 oct 2025 |
| Justicia Penal Militar | CO | Public Sector | — | 18 ago 2025 |
| SEGUROS AMÉRICA | NI | Financial Services | — | 18 ago 2025 |
| Olho D'Água Distribuidora | BR | Transportation/Logistics | — | 26 may 2025 |
| Anjos Ramos | BR | Business Services | — | 24 may 2025 |
| Grupo Jorge Batista | BR | Consumer Services | — | 12 may 2025 |
| Bioprofarma Bagó S.A | AR | Healthcare | — | 28 abr 2025 |
| Varela Hermanos | PA | Manufacturing | — | 23 abr 2025 |
Las direcciones de los sitios de filtración (.onion) se conocen pero no se publican ni se enlazan. Solo se muestran metadatos públicos. ética
[AI generated] N/A
[AI generated] N/A
[AI generated] N/A
[AI generated] Grupo PyD is a Spanish consulting and human resources company operating in Spain. It specializes in personnel selection, recruitment, training, and organizational consulting services for businesses across various sectors. The firm supports companies in talent acquisition, workforce development, and HR management. Based in Spain, it serves both private and public sector clients seeking professional human capital and advisory solutions.