Classic Brechas Mapa Actores TTP Matrix Analitica Alertas CyberNews Arsenal Exploits KillChain Origen SSLBL RansomLook

adminlocker

1 incidentes 1 paises 0 sectores ransomware Ultimo: 2026-05-25

AdminLocker is a ransomware group that first emerged around December 2021, operating as a small, seemingly independent group rather than a Ransomware-as-a-Service model. Its primary motivation is financial gain through encrypting victim data. A distinguishing characteristic is its use of single-extortion tactics, encrypting files without publicly documented data exfiltration, a practice that contrasts with many modern ransomware operations. The group appends unique extensions such as .admin1, .admin2, .admin3, .1admin, .2admin, or .3admin to encrypted files.

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

Tipo	Estado	Host / enlace	Title / ultimo titulo
DLS / onion	unknown	adminavf4cikzbv6mbbp7ujpwhygnn2t3egiz2pswldj32krrml42wyd.onion	adminlocker

Tecnicas MITRE

T1047, T1071.001, T1003.001, T1562.001, T1105, T1486

RansomLook pivots

Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.

Abrir perfil →

Data

Recent Browse Trending Stats

Intel

Group URLs Crypto Leaks Notes Analyses Torrents

Info

API Glossary About

Victimas

TTPs unicas

Info robada historica

N/D

Rescates reclamados

N/D

Pagos detectados

N/D

Paises afectados

United States (1)

Paises objetivo (SOCRadar)

United Arab Emirates

Argentina

Azerbaijan

Brazil

Chile

Colombia

Ecuador

Israel

Peru

Singapore

Sectores objetivo (SOCRadar)

Energy & Utilities ManufacturingRetailInformation ServicesFinanceProfessional&Technical ServicesEnterprises & HoldingEducational ServicesHealthCare & Social AssistanceOther