Egregor Ransomware is the successor of Maze Ransomware and Sekhmet Ransomware. Egregor ransomware allegedly compromise and steal data from more than 50 companies including the big fishes like Crytek, Ubisoft, Foxtons Group and Barnes and Noble.
Pay2Key Ransomware apparently target towards business in Brazil and Israel. It looks for open RDP ports and swiftly spreads in entire network with in one hour.
RegretLocker uses a special technique to mount the virtual disk file to individually encrypt each of its files. RegretLocker uses the Windows Virtual Storage API OpenVirtualDisk, AttachVirtualDisk, GetVirtualDiskPhysicalPath to mount virtual disks.
RansomEXX encrypt its victim files with 256-bit key using AES block cipher in ECB mode. The AES key is encrypted by a public RSA-4096 key embedded in the code and appended to each encrypted file. It is initially targeted toward Texas Department of Transportation.
Avaddon ransomware encrypts user data using AES-256 + RSA-2048, and then requires a ransom of $150 to $350 or more in BTC in order to return the files.