Black Worm Ransomware encrypt user data with BTC and demand ranwom in BTC. Encrypted files have .bworm extension appended to them.
FORMA Ransomware is a HiddenTear derivative apparently target toward Polish population. It encrypts files using AES and demands ransom in BTC.
Katyusha Ransomware encrypts user data with AES, and then requires a 0.5 BTC ransom to return files. An extension is added to the encrypted files: .katyusha
DarkGate Ransomware is targeted to Europe and specifically towards Spain and France users. DarkGate has several capabilities including crypto mining, stealing credentials from crypto wallets (crypto stealing), ransomware and remote access and control.
Delphimorix Ransomware is a Borland Delphi 7 encrypt files using RC6 algorithm and demands a ransom of 101.5 BTC.