Threat Actor Profile
Low
Cybercriminal
Description
Entropy is a ransomware first seen in the first quarter of 2022 and used in conjunction with Dridex infections. The ransomware packs itself with a custom packer that has also been seen in some early Dridex samples.
Confidence Score
Tags
ransomware
ransomware.live
First Seen
Unknown
Last Updated
Unknown
Active Status
Active
Created
April 29, 2026
Indicators of Compromise
STIX Data
{'added_date': None,
'client': '2003264@sit.singaporetech.edu.sg',
'description': 'Entropy is a ransomware first seen in 1st quarter of 2022, is '
'being used in conjunction of Dridex infection. The ransomware '
'uses a custom packer to pack itself which has been seen in '
'some early dridex samples. \n',
'firstseen': None,
'group': 'entropy',
'has_negotiations': False,
'has_ransomnote': False,
'lastseen': None,
'locations': [{'available': False,
'fqdn': 'leaksv7sroztl377bbohzl42i3ddlfsxopcb6355zc7olzigedm5agad.onion',
'slug': 'http://leaksv7sroztl377bbohzl42i3ddlfsxopcb6355zc7olzigedm5agad.onion/posts',
'title': 'Entropy hall of fall',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 0,
'tiaras_metadata': {'has_negotiations': False,
'has_ransomnote': False,
'locations': [{'available': False,
'fqdn': 'leaksv7sroztl377bbohzl42i3ddlfsxopcb6355zc7olzigedm5agad.onion',
'slug': 'http://leaksv7sroztl377bbohzl42i3ddlfsxopcb6355zc7olzigedm5agad.onion/posts',
'title': 'Entropy hall of fall',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 0,
'ransomware_live_group': 'entropy',
'tools': {},
'url': 'https://www.ransomware.live/group/entropy',
'victims': 0,
'vulnerabilities': []},
'tiaras_source': 'ransomware.live',
'tools': {},
'ttps': [],
'url': 'https://www.ransomware.live/group/entropy',
'victims': 0,
'vulnerabilities': []}