ATMWizX was discovered in the fall of 2018 and dispenses all cash automatically, starting with the most valuable ATM cassettes.

FIVEHANDS ransomware uses an embedded NTRU public key. This NTRU key is SHA512 hashed and the first 32 bytes are used as the victim ID within the ransom note. This NTRU pubic key is also used to encrypt each file's symmetric key.

DeathRansom encrypts user files with AES and demands a ransom of 0.1 BTC. It deletes volume shadow copies to ensure the data cannot be restored easily. After the DeathRansom performs file encryption, it will drop ransom note named "read_me.txt" in each encrypted file's directory

ToxicEye is remote access trojan written in C# and is controlled via Telegram. Its main know form of proliferation is via phishing email. If victim is successfully tricked into executing its executable it will install itself silently and install other malware.

Nitro Ransomware encrypts user data and ask them to buy them a Discord gift card worth $9.99 in 3 hours. Although it did not delete any files after 3 hours but they remain encrypted.