Threat Actor Profile
Medium
Cybercriminal
Confidence Score
Tags
ransomware
ransomware.live
First Seen
Unknown
Last Updated
Unknown
Active Status
ActiveCreated
April 29, 2026
Indicators of Compromise
Loading IOCs…
IOC KQL for Sentinel
STIX Data
{'added_date': None,
'client': '2003264@sit.singaporetech.edu.sg',
'description': None,
'firstseen': '2024-10-25T08:53:03.237754+00:00',
'group': 'hellcat',
'has_negotiations': False,
'has_ransomnote': True,
'lastseen': '2025-04-07T17:51:34+00:00',
'locations': [{'available': False,
'fqdn': 'hellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onion',
'slug': 'http://hellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onion',
'title': 'HellCat - Blog',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion',
'slug': 'http://hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion/api2.php?action=victims',
'title': '404 Not Found',
'type': 'API'},
{'available': False,
'fqdn': 'hellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion',
'slug': 'http://hellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion',
'title': '',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onion',
'slug': 'http://hellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onion',
'title': 'HellCat - Blog',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onion',
'slug': 'http://hellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onion',
'title': 'HellCat - Blog',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onion',
'slug': 'http://hellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onion',
'title': 'HellCat - Blog',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 2,
'tiaras_metadata': {'has_negotiations': False,
'has_ransomnote': True,
'locations': [{'available': False,
'fqdn': 'hellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onion',
'slug': 'http://hellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onion',
'title': 'HellCat - Blog',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion',
'slug': 'http://hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion/api2.php?action=victims',
'title': '404 Not Found',
'type': 'API'},
{'available': False,
'fqdn': 'hellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion',
'slug': 'http://hellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion',
'title': '',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onion',
'slug': 'http://hellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onion',
'title': 'HellCat - Blog',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onion',
'slug': 'http://hellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onion',
'title': 'HellCat - Blog',
'type': 'DLS'},
{'available': False,
'fqdn': 'hellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onion',
'slug': 'http://hellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onion',
'title': 'HellCat - Blog',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 2,
'ransomware_live_group': 'hellcat',
'tools': {},
'url': 'https://www.ransomware.live/group/hellcat',
'victims': 20,
'vulnerabilities': []},
'tiaras_source': 'ransomware.live',
'tools': {},
'ttps': [],
'url': 'https://www.ransomware.live/group/hellcat',
'victims': 20,
'vulnerabilities': []}