Ransomware IOC Feed

PrecisionSec is actively tracking several ransomware families, including Conti Ransomware, Maze, Ryuk, BitPaymer, DoppelPaymer and others. Ransomware is the most prolific and dangerous threat in today’s landscape, and it is essential for every organization to have an accurate, up-to-date feed of ransomware IOCs. We also maintain ransomware IOC feeds for previously active families that are no longer in operation, including GandCrab and Locky.

In many cases, a ransomware incident is preceded by a precursor malware infection, such as Emotet or Trickbot. The initial foothold is made using the loader malware. The attackers then move laterally through the organization using tools such as Cobalt Strike, and subsequently deploy a devastating ransomware attack once the organization’s domain controller has been compromised.

Below you will find the most recent ransomware IOCs from our feed. Please note the data below is intentionally delayed by 48 hours. For live threat intelligence data, including IOCs from currently active ransomware families, please sign up for a free trial.

Recent Ransomware IOCs

