This ransomware encrypts user data with Salsa20, and then requires you to write to email to learn how to pay the ransom and return the files.

Loda RAT, first detected in 2017 which now slowly matures up into an effective remote access Trojan, yet simple. It steal username/passwords, session cookies and can take screenshots too. Its current version in wild is 1.1.1.

Ragnar Locker Ransomware (not to be confused with Ragnarok Ransomware) is designed to kill the services of several managed service providers (MSP) products including remote management software (RMM) and remote admin tools by PulseWay, LogMeIn, ConnectWise, SplashTop, and Kaseya.

HorseDeal ransomware exploits the newly discovered vulnerability in Microsoft Windows CryptoAPI's (Crypt32.dll) verification procedure fro Elliptic Curve Cryptography (ECC) certificates. This vulnerability is also know as Curveball or Chain of Fools Vulnerability.

Predator the Thief was started as an experimental malware which now turn into a real beast. It is a stealthy malware that focuses on stealing credentials and sensitive information like usernames, passwords, browser data, crypto wallet and payment data.