INC Ransom is a prolific ransomware-as-a-service operation active since July 2023 that systematically targets healthcare, government, education, and manufacturing sectors in North America and Europe, having posted over 200 victims in 2025 alone with no sector off-limits.
Genera un perfil del actor con IA (defensivo) cuando lo pidas.
Este grupo no tiene TTPs curadas. Puedes generar un mapeo MITRE ESTIMADO por IA (no confirmado) a partir de su descripción/notas, solo cuando lo pidas.
Firma de detección defensiva para este grupo (úsala en tu EDR/SIEM). Fuente: ransomware.live.
/*
Inc. ransomware
*/
rule Inc
{
meta:
author = "rivitna"
family = "ransomware.inc"
description = "Inc. ransomware Windows payload"
severity = 10
score = 100
strings:
$h0 = { 6A 00 6A 00 6A 18 8D [3-4] 5? 68 28 C0 53 00 }
$h1 = { 6A 00 68 80 00 00 00 6A 03 6A 00 6A 03 [0-16] 68 9F 01 12 00
[0-8] C7 44 24 ?? 2E 00 5C 00 }
$h2 = { 6A 20 FF 35 [4] FF 15 [8-12] 8A 4? 1F 80 2? F8 24 3F 0C 40
88 4? 1F }
$s0 = "\x00Q:\\\x00W:\\\x00E:\\\x00R:\\\x00T:\\\x00Y:\\\x00U:\\" wide
$s1 = "PGh0bWw+DQoJPGhlYWQ+DQoJCTx0aXRsZT5JbmMuIFJhbnNvbXdhcmU8" ascii
$s2 = "\\background-image.jpg\x00" wide
$s3 = "\x00--lhd\x00" wide
$s4 = "\x00--ens\x00" wide
$s5 = "\x00--sup\x00" wide
$s6 = " delete shadow copies from %c:/ " wide
$s7 = "\x00[+] Start encryption of" wide
$s8 = "[+] Encrypting: %s\n" wide
$s9 = "[+] Found drive: %s" wide
$s10 = " [+] Mounted %s\n" wide
$s11 = " [-] Failed to mount %s Error: %d\n" wide
$s12 = "[*] Count of arguments: %d\n" wide
$s13 = "[-] Please, add \"/\" to the end of directory!\n" wide
$s14 = "[*] Settings:\n" wide
$s15 = " [%s] Stop using process\n" wide
$s16 = " [%s] Encrypt network shares\n" wide
$s17 = " [%s] Load hidden drives\n\n" wide
$s18 = "[*] Loading hidden drives...\n" wide
$s19 = "[*] Starting full encryption in 5s" wide
$s20 = "[+] Start sending note to printers...\n" ascii
$s21 = "[+] Count of printers: %d\n" ascii
condition:
((uint16(0) == 0x5A4D) and (uint32(uint32(0x3C)) == 0x00004550)) and
(
(7 of ($s*)) or
((1 of ($h*)) and (3 of ($s*)))
)
}
www.personadental.com Persona Dental offers personalized dental care for families in Sartell, MN, focusing on both general and specialized services such as cosmetic dentistry, dental implants, and solutions for snoring and sleep apnea. The clinic prides itself on creating a comfortable environment and empowering patients to make informed decisions about their dental health. With a friendly and experienced team, they provide comprehensive care under one roof, ensuring convenience for their clients. Persona Dental is dedicated to building confidence and achieving the best smiles for their patients
| Organización | País | Sector | Grupo | Descubierta |
|---|---|---|---|---|
| kelmreuter.com | US | Business Services | — | 6 jun 2026 |
| obrieneng.com | US | Construction | — | 5 jun 2026 |
| Stuga Machinery | GB | Manufacturing | — | 4 jun 2026 |
| pdcbodynits | SG | Not Found | — | 4 jun 2026 |
| CUSTOMSIGN | US | Business Services | — | 4 jun 2026 |
| Colina Financial Advisors | BS | Financial Services | — | 3 jun 2026 |
| Oztugotomotiv | TR | Manufacturing | — | 3 jun 2026 |
| trrac.net | US | Transportation/Logistics | — | 2 jun 2026 |
| Bradley law firm | US | Business Services | — | 1 jun 2026 |
| Champaign-Urbana Public Health District | US | Public Sector | — | 1 jun 2026 |
| www.labexpress.com | US | Business Services | — | 30 may 2026 |
| belimed.com | US | Healthcare | — | 29 may 2026 |
| lawants | ES | Business Services | — | 28 may 2026 |
| sanver.com.mx | MX | Business Services | — | 5 may 2026 |
| Empresa de Transportes Via Pajuçara Ltda. | BR | Transportation/Logistics | — | 27 feb 2026 |
| www.pucobre.cl | CL | Energy | — | 2 feb 2026 |
| PK PINHÃO & KOIFFMAN ATTORNEYS AT LAW | BR | Business Services | — | 30 ene 2026 |
| DIEHL & CELLA ADVOGADOS ASSOCIADOS | BR | Business Services | — | 30 ene 2026 |
| OAB | BR | Business Services | — | 23 ene 2026 |
| latamlex (gyg.local) | CR | Business Services | — | 12 nov 2025 |
| Grupo Via Argentina | AR | Construction | — | 12 nov 2025 |
| Vitalmex | MX | Healthcare | — | 3 nov 2025 |
| DILOSA FOOD COMPANIES | SV | Agriculture and Food Production | — | 29 oct 2025 |
| Cobra Rolamentos e Autopeças | BR | Manufacturing | — | 5 oct 2025 |
| Manjarrez Impresores | MX | Business Services | — | 29 sept 2025 |
| Republica De Panama | PA | Public Sector | — | 9 sept 2025 |
| BDO Perú | PE | Financial Services | — | 29 ago 2025 |
| Manesa | MX | Not Found | — | 29 ago 2025 |
| Quadrangle Imaging Center | PR | Healthcare | — | 22 ago 2025 |
| www.lincecomercial.com | CO | Telecommunication | — | 24 jul 2025 |
| Sementes Jotabasso | BR | Agriculture and Food Production | — | 23 jul 2025 |
| National Institute of Water Resources | DO | Public Sector | — | 14 jul 2025 |
| Fund for Reformed Companies (FONPER) | DO | Financial Services | — | 25 jun 2025 |
| AFECC - Hospital Santa Rita de Cássia | BR | Healthcare | — | 19 jun 2025 |
| Morar Construtora e Incorporadora LTDA | BR | Construction | — | 19 jun 2025 |
| iscamen | AR | Agriculture and Food Production | — | 5 jun 2025 |
| Universidad Técnica del Norte Ecuador | EC | Education | — | 1 jun 2025 |
| Boombah Inc. | DO | Manufacturing | — | 9 ago 2024 |
| Ejército del Per | PE | Public Sector | — | 25 mar 2024 |
| SCOLARI Srl | BR | Manufacturing | — | 17 nov 2023 |
Las direcciones de los sitios de filtración (.onion) se conocen pero no se publican ni se enlazan. Solo se muestran metadatos públicos. ética
contract nda confidential gov\dot\military\va\sam.gov other
Stuga Machinery Ltd specializes in designing and manufacturing precision sawing and machining centers for the fenestration industry, serving clients primarily in the UK and Ireland. With over 50 years of experience, the company offers a range of fully automated cutting and prepping centers, as well as refurbishment services for existing machinery. As a subsidiary of Stürtz GmbH, Stuga combines British engineering with international innovation, providing reliable local support and access to global technical resources. Their commitment to customer service includes lifecycle support, genuine parts supply, and tailored service contracts to ensure optimal machine performance
Bodynits Group is a leading apparel manufacturer specializing in design and innovation, offering comprehensive manufacturing solutions.Access was gained to accounting and finance, all asset management systems, client databases, employee personal data, non-disclosure agreements, as well as developments and technologies.
About Custom Sign & Engineering Custom Sign & Engineering, Inc. specializes in creating high-quality, custom commercial digital signs and billboards in Evansville, Indiana. The company offers a wide range of products, including LED dimensional letters, monumental signs, and information displays, all designed to meet the specific needs of businesses. The company is committed to providing customer-focused services at competitive prices and with free estimates. It serves clients in three states—Illinois, Indiana, and Kentucky—helping businesses enhance their visibility and brand image through eye-catching signage. Translated with ***.com (free version)
Colina Financial Advisors Limited (CFAL) is a prominent, independent wealth management and investment advisory firm based in Nassau, The Bahamas. Established in 1997, it serves as the investment arm of Colina Holdings Ltd.. The firm provides diverse financial services to both individual and institutional clients. While customers continue to entrust the company with their money, senior executives are actively working to cover up a major data breach involving approximately 500 GB of highly confidential data. The leak includes, but is not limited to: 1. Client Personally Identifiable Information (PII) 2. Client Financial Profiles & Asset Data 3. Proprietary Business Intel & System Data 4. Holistic Estate & Legal Planning 5. Regulatory & Compliance Records Stay tuned for further updates.