Threat Actor Profile
Low
Cybercriminal
Description
Pandora ransomware was obtained by vx-underground at 2022-03-14.
Confidence Score
Tags
ransomware
ransomware.live
First Seen
Unknown
Last Updated
Unknown
Active Status
ActiveCreated
April 29, 2026
Indicators of Compromise
Loading IOCs…
IOC KQL for Sentinel
STIX Data
{'added_date': None,
'client': '2003264@sit.singaporetech.edu.sg',
'description': 'Pandora ransomware was obtained by vx-underground at '
'2022-03-14.\n',
'firstseen': '2022-03-17T10:07:14.618956+00:00',
'group': 'pandora',
'has_negotiations': False,
'has_ransomnote': False,
'lastseen': '2022-03-30T19:26:24.820390+00:00',
'locations': [{'available': False,
'fqdn': 'pandoraxyz.xyz',
'slug': 'http://pandoraxyz.xyz',
'title': '',
'type': 'DLS'},
{'available': False,
'fqdn': 'vbfqeh5nugm6r2u2qvghsdxm3fotf5wbxb5ltv6vw77vus5frdpuaiid.onion',
'slug': 'http://vbfqeh5nugm6r2u2qvghsdxm3fotf5wbxb5ltv6vw77vus5frdpuaiid.onion',
'title': 'Pandora Data Leak',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 0,
'tiaras_metadata': {'has_negotiations': False,
'has_ransomnote': False,
'locations': [{'available': False,
'fqdn': 'pandoraxyz.xyz',
'slug': 'http://pandoraxyz.xyz',
'title': '',
'type': 'DLS'},
{'available': False,
'fqdn': 'vbfqeh5nugm6r2u2qvghsdxm3fotf5wbxb5ltv6vw77vus5frdpuaiid.onion',
'slug': 'http://vbfqeh5nugm6r2u2qvghsdxm3fotf5wbxb5ltv6vw77vus5frdpuaiid.onion',
'title': 'Pandora Data Leak',
'type': 'DLS'}],
'negotiation_count': 0,
'ransomnotes_count': 0,
'ransomware_live_group': 'pandora',
'tools': {},
'url': 'https://www.ransomware.live/group/pandora',
'victims': 5,
'vulnerabilities': []},
'tiaras_source': 'ransomware.live',
'tools': {},
'ttps': [],
'url': 'https://www.ransomware.live/group/pandora',
'victims': 5,
'vulnerabilities': []}