Gunra
Parsing : Enabled
Description
Gunra is an emerging ransomware group first identified in April 2025. It employs a classic double-extortion model—encrypting sensitive data and exfiltrating it for publication via a Tor-hosted leak site. Since its emergence, Gunra has struck a diverse set of global targets—reportedly spanning sectors like manufacturing, healthcare, IT, real estate, agriculture, and consulting in countries including Brazil, Japan, Canada, Turkey, South Korea, Taiwan, Egypt, and the U.S.
| External Analysis |
| https://www.trendmicro.com/en_us/research/25/g/gunra-ransomware-linux-variant.html |
| https://www.darkreading.com/threat-intelligence/nimble-gunra-ransomware-linux-variant |
| https://industrialcyber.co/ransomware/cyfirma-warns-of-gunra-ransomware-surge-targeting-critical-infrastructure-using-double-extortion |
| https://watchguard.com/wgrd-security-hub/ransomware-tracker/gunra |
| https://theravenfile.com/2025/09/23/gunra-ransomware-what-you-dont-know/ |
| Mail |
| a00f105546345756@proton.me |
| Tox |
| 2507312EC10BB44ED9DAA04E3C5C27E8C13154649B1A02E73ACFAE1681EE0208D05133A8FB22 |
| Urls |
Screen |
| http://gunrabxbig445sjqa535uaymzerj6fp4nwc6ngc2xughf2pedjdhk4ad.onion/ |
Screen |
| Chat servers |
Screen |
| http://2bw7r32r5eshwk2h7uekj3lwzorxds2jyhyzqyilphid3r27x5hsf4yd.onion |
Screen |
| http://jzbhtsuwysslrzi2n5is3gmzsyh6ayhm7jt3xowldhk7rej4dqqubxqd.onion/ |
Screen |
| http://vrlgjxbl6yroq26xkcjpafgmmxrlpawvr4agppna6apfxjxav2mq66ad.onion |
|
Posts
| Date |
Title |
Description |
Screen |
| 2025-10-01 |
miraense.com | 8TB internal documents, 2TB billing database |
miraense.com | 8TB internal documents, 2TB billing database |
Screen |
| 2025-09-10 |
hwacheon | 265GB Financial Documents (will add more|not fully published yet) |
hwacheon | 265GB Financial Documents (will add more|not fully published yet) |
Screen |
| 2025-09-03 |
Samwha Capacitor Group | 114GB Financial Documents |
Samwha Capacitor Group | 114GB Financial Documents |
Screen |
| 2025-08-18 |
SEGUROS AMÉRICA |
SEGUROS AMÉRICA |
Screen |
| 2025-08-04 |
Seoul Guarantee Insurance | 13.2T pure compressed oracle database |
Seoul Guarantee Insurance | 13.2T pure compressed oracle database |
Screen |
| 2025-08-04 |
SEGUROS AMÉRICA | 1 Million customer data |
SEGUROS AMÉRICA | 1 Million customer data |
Screen |
| 2025-07-14 |
American Hospital Dubai | 40TB |
Industry: Health Care | Location: Dubai, UAE |
https://www.ahdubai.com |
Screen |
| 2025-07-14 |
Justicia Penal Militar | 45TB |
Industry: Gobierno | Location: Colombia |
http://www.justiciamilitar.gov.co/home |
Screen |
| 2025-06-06 |
ACCS Le Groupe |
Industry: Building automation, systems integration, and energy optimization for smart buildings |
Screen |
| 2025-06-05 |
American Hospital Dubai |
Industry: Healthcare Service |
Screen |
| 2025-06-05 |
Olho D'Água Distribuidora |
Industry: Water distribution and tanker truck services |
Screen |
| 2025-06-05 |
Anjos Ramos |
Industry: Advocacy / Law Firm |
Screen |
| 2025-06-05 |
Adria Grupa |
Industry: Facilities Management & Commercial Cleaning, Business Services |
Screen |
| 2025-05-12 |
Grupo Jorge Batista |
Industry: E-Commerce |
Screen |
| 2025-05-04 |
TOMOKU CO., LTD. |
Industry: Paper/Soft Products |
Screen |
| 2025-04-28 |
Bioprofarma Bagó S.A |
Industry: Pharmaceuticals |
Screen |
| 2025-04-27 |
KLINGER Italy |
Industry: Level Gauges, valves and industrial gaskets |
Screen |
| 2025-04-23 |
Varela Hermanos |
Industry: Beverage Manufacturing
Location: Panama
Publish Date: Expired
URL: varelahermanos.com
|
|
| 2025-04-23 |
Dar Al Teb |
Industry: Hospital & Healthcare
Location: Egypt
Publish Date: Expired
URL: daralteb.com
|
|
| 2025-04-23 |
Shinko Shoji |
Industry: Real Estate
Location: Japan
Publish Date: Expired
URL: www.shinkocorp.co.jp
|
|