Lilith Ransomware is yet another ransomware that does double-extortion attacks, which is when the threat actors steal data before encrypting devices
RedAlert ransomware or N13V ransomware targets both Windows and Linux VMWare ESXi servers in attacks on corporate networks. The ransomware is named after a string in the ransom text, but the threat actors internally refer to it as N13V, which is the original name of this threat.
AstraLocker 2.0 is closely related to Babuk Ransomware. It encrypts user data and ask $50 USD in XMR (monero) coin. It is distributes via phishing campaigns as Microsoft Office Word documents attachments.
DarkAngels Ransomware is yet another derivative of Babuk Ransomware. It is very similar to HelloXD Ransomware in term of functionalities. Reports on Dark Angels suggest that each ransomware sample is targeted specifically for a given organization.
This ransomware encrypts user data and then requires them to visit the ransomware website to learn how to pay a ransom and get their files back.