Gunra

Compare

Parsing: enabled

Description

Gunra is an emerging ransomware group first identified in April 2025. It employs a classic double-extortion model—encrypting sensitive data and exfiltrating it for publication via a Tor-hosted leak site. Since its emergence, Gunra has struck a diverse set of global targets—reportedly spanning sectors like manufacturing, healthcare, IT, real estate, agriculture, and consulting in countries including Brazil, Japan, Canada, Turkey, South Korea, Taiwan, Egypt, and the U.S.

External Analysis5

External Analysis
https://www.trendmicro.com/en_us/research/25/g/gunra-ransomware-linux-variant.html
https://www.darkreading.com/threat-intelligence/nimble-gunra-ransomware-linux-variant
https://industrialcyber.co/ransomware/cyfirma-warns-of-gunra-ransomware-surge-targeting-critical-infrastructure-using-double-extortion
https://watchguard.com/wgrd-security-hub/ransomware-tracker/gunra
https://theravenfile.com/2025/09/23/gunra-ransomware-what-you-dont-know/

Mail1

Mail
a00f105546345756@proton.me

Tox1

Tox
2507312EC10BB44ED9DAA04E3C5C27E8C13154649B1A02E73ACFAE1681EE0208D05133A8FB22

Urls1

Url	Status	Screen	Uptime 30d	Health
http://gunrabxbig445sjqa535uaymzerj6fp4nwc6ngc2xughf2pedjdhk4ad.onion/	Up		50%

Chat servers3

Url	Status	Uptime 30d
http://2bw7r32r5eshwk2h7uekj3lwzorxds2jyhyzqyilphid3r27x5hsf4yd.onion	Down	0%
http://jzbhtsuwysslrzi2n5is3gmzsyh6ayhm7jt3xowldhk7rej4dqqubxqd.onion/	Down	0%
http://vrlgjxbl6yroq26xkcjpafgmmxrlpawvr4agppna6apfxjxav2mq66ad.onion	Down	0%

Activity (interactive) 20

Posts20

Date	Title	Description	Screen
2025-10-01	miraense.com \| 8TB internal documents, 2TB billing database	miraense.com \| 8TB internal documents, 2TB billing database	Screen
2025-09-10	hwacheon \| 265GB Financial Documents (will add more\|not fully published yet)	hwacheon \| 265GB Financial Documents (will add more\|not fully published yet)	Screen
2025-09-03	Samwha Capacitor Group \| 114GB Financial Documents	Samwha Capacitor Group \| 114GB Financial Documents	Screen
2025-08-18	SEGUROS AMÉRICA	SEGUROS AMÉRICA	Screen
2025-08-04	Seoul Guarantee Insurance \| 13.2T pure compressed oracle database	Seoul Guarantee Insurance \| 13.2T pure compressed oracle database	Screen
2025-08-04	SEGUROS AMÉRICA \| 1 Million customer data	SEGUROS AMÉRICA \| 1 Million customer data	Screen
2025-07-14	American Hospital Dubai \| 40TB	Industry: Health Care \| Location: Dubai, UAE \| https://www.ahdubai.com	Screen
2025-07-14	Justicia Penal Militar \| 45TB	Industry: Gobierno \| Location: Colombia \| http://www.justiciamilitar.gov.co/home	Screen
2025-06-06	ACCS Le Groupe	Industry: Building automation, systems integration, and energy optimization for smart buildings	Screen
2025-06-05	American Hospital Dubai	Industry: Healthcare Service	Screen
2025-06-05	Olho D'Água Distribuidora	Industry: Water distribution and tanker truck services	Screen
2025-06-05	Anjos Ramos	Industry: Advocacy / Law Firm	Screen
2025-06-05	Adria Grupa	Industry: Facilities Management & Commercial Cleaning, Business Services	Screen
2025-05-12	Grupo Jorge Batista	Industry: E-Commerce	Screen
2025-05-04	TOMOKU CO., LTD.	Industry: Paper/Soft Products	Screen
2025-04-28	Bioprofarma Bagó S.A	Industry: Pharmaceuticals	Screen
2025-04-27	KLINGER Italy	Industry: Level Gauges, valves and industrial gaskets	Screen
2025-04-23	Varela Hermanos	Industry: Beverage Manufacturing Location: Panama Publish Date: Expired URL: varelahermanos.com
2025-04-23	Dar Al Teb	Industry: Hospital & Healthcare Location: Egypt Publish Date: Expired URL: daralteb.com
2025-04-23	Shinko Shoji	Industry: Real Estate Location: Japan Publish Date: Expired URL: www.shinkocorp.co.jp