FORMA Ransomware is a HiddenTear derivative apparently target toward Polish population. It encrypts files using AES and demands ransom in BTC.
Katyusha Ransomware encrypts user data with AES, and then requires a 0.5 BTC ransom to return files. An extension is added to the encrypted files: .katyusha
DarkGate Ransomware is targeted to Europe and specifically towards Spain and France users. DarkGate has several capabilities including crypto mining, stealing credentials from crypto wallets (crypto stealing), ransomware and remote access and control.
Delphimorix Ransomware is a Borland Delphi 7 encrypt files using RC6 algorithm and demands a ransom of 101.5 BTC.
IEncrypt Ransomware encrypts company data with AES, and then requires a ransom in BTC to return files. It bear false copyright: Microgaming ©. The following pattern is added to the encrypted files: .PCname_of_company In the presented example, the company KRAUSS-MAFFEI (Germany) was attacked and the name of the PC was used.