SecneurX Research & Insights

Cybersecurity Intelligence
From the Front Lines

Deep-dive research, threat intelligence reports, APT analysis, and expert insights from India's leading indigenous cybersecurity team.

Latest from the Lab

Our researchers and analysts share what they're discovering — from zero-day analysis to nation-state TTPs.

What is Ahtw Ransomware
Research Jul 10, 2023

Ahtw is ransomware that belongs to the Djvu/Stop ransomware family. Analysts at SecneurX observed that Ahtw, among the prominent ransomware attacks, encrypts victim files and demands a ransom payment. Our full technical analysis covers the infection chain, file encryption routine, and mitigation steps.

What is Neon Ransomware
Research Jun 13, 2023

Neon is ransomware that belongs to the Djvu/Stop ransomware family. Analysts at SecneurX observed that it encrypts victim files and appends the .neon extension. Our team provides a full technical breakdown, including persistence mechanisms and decryption guidance for affected victims.

What is Neqp Ransomware
Research Jun 13, 2023

Neqp is ransomware that belongs to the Djvu/Stop ransomware family. Analysts at SecneurX analyzed a live sample, documenting behavioral patterns, file encryption routines, and recommended mitigation strategies for organizations affected by this Djvu/Stop variant.

What is Xash Ransomware
Research May 15, 2023

Xash is ransomware that belongs to the Djvu/Stop Ransomware family. Analysts at SecneurX observed that it targets Windows systems, encrypting files across all user directories and demanding payment via email communication with the threat actor. Full IOC list included.

What is Gash Ransomware
Research May 10, 2023

Gash is ransomware that belongs to the Djvu/Stop Ransomware family. Analysts at SecneurX observed that this variant deploys a bundled information stealer alongside encryption, targeting browser credentials and cryptocurrency wallets in addition to file ransoming.

What is Qopz Ransomware
Research May 8, 2023

Qopz is ransomware that belongs to the Djvu/Stop Ransomware family. Analysts at SecneurX observed that among the prominent ransomware variants, Qopz uses AES-256 encryption and communicates with C2 servers to receive unique decryption keys per victim machine.

Beware of Fake Chrome Update
Threat Intel May 3, 2023

SecneurX analysts found a fake Chrome update campaign. Malware authors used compromised websites to display fake Google Chrome update prompts, delivering malware to unsuspecting users who believed they were installing a legitimate browser update.

What is Dark Power Ransomware
Research Apr 10, 2023

SecneurX Analysts found Dark Power Ransomware in the wild. Dark Power ransomware encrypts files and appends its extension ('.dark_power') to filenames. Our analysis covers its attack chain, persistence mechanisms, ransom note structure, and key indicators of compromise for detection.

Malware Abusing Microsoft OneNote
Threat Intel Mar 9, 2023

Malware Starts up Abusing Microsoft's OneNote

Analysts at SecneurX have found that the Redline malware is abusing Microsoft's OneNote to spread malware. OneNote is one of the most trusted Microsoft apps — making this vector especially effective at evading user suspicion and security filters while delivering its payload.

See It in Action

The Threat Intelligence You Read About — Now Protecting You

Every insight in this blog comes from live data processed through SecneurX's detection engines. See how our products put this intelligence to work for your organisation.
