← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Dark Web Profile: BQTLock Ransomware.
WHITE PetrP.73 2025-09-17 Modified: 2025-10-17
92
IOCs
HIGH VOLUME
BQTLock is a newly emerged Ransomware-as-a-Service (RaaS) that has rapidly gained notoriety for its aggressive operational tactics and sophisticated technical capabilities. Originating from the Middle East, the threat group behind BQTLock is led by Karim Fayad, who operates under aliases such as ZeroDayX and ZeroDayX1, with an associated member named Fuch0u. The group seems to engage with pro-Palestinian hacktivist organizations, leveraging social networks for mutual promotion and potentially collaboration.
iocsransom onionsite httpsta socialnetworks httpsta webpagebqtlockmail
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (29 / 92 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain email
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 00005ed250d85fc47e4c3883b8e6179a9888b8140acfeb94a40edc36bd523adb 2025-09-17
FileHash-SHA256 008ec0226066572f4b27f100d08443120b9dd55cefbec2bbff994b5b552e546c 2025-09-17
FileHash-SHA256 0ccd3f2d7e6637eaf5414e35b97d9d8bf6b8e4182859cace8ca8e02377a4e62a 2025-09-17
FileHash-SHA256 10938c2d01dc999d2fe1f8c635e3705e7e663077935a17e730c849d1191c76ed 2025-09-17
FileHash-SHA256 11affbeb18f4d6edcc9a4be5a82f8e23dfc31178887e97119faa5ddc75990494 2025-09-17
FileHash-SHA256 324eabc27a25f524c94bb62573986b3335ab5181ddc6825d959d16aaaccdc7aa 2025-09-17
FileHash-SHA256 425b2f283b71237276f84d941d9c2982c7f61a9aff12ece10e15065b73b7165e 2025-09-17
FileHash-SHA256 4369aed581de0fe84c25a1ef2c3cf0bb6bf70df8b51fdf38b3b0b2a55f43261b 2025-09-17
FileHash-SHA256 49f89b2fdef345a9d92fc821e4a226d8ac99e4ca0d2d11b5654f6557800b85f2 2025-09-17
FileHash-SHA256 56eec59a5fe3f5a3c2c836701557bf1956770f465cd9e049995b86aef76a3e39 2025-09-17
FileHash-SHA256 590e47944ef0597bf1ff1d41656859b776e7031a4611cbf22d619002cbe49312 2025-09-17
FileHash-SHA256 5b992a3438e344dddcdd66151a40efb3452b2ff37cdc40b37db612afeb29ed29 2025-09-17
FileHash-SHA256 618070d597dd73c43ba5d4bde2baa93a4f6038e3279de3bafe688caa5c409a58 2025-09-17
FileHash-SHA256 780e34c72404fd464669626ae554b81393d2bae95293284b375bb5d989914486 2025-09-17
FileHash-SHA256 862f29aa00bb4ee33729bc6699990dbdf9ef890b8364f8288b173cb1ca5d6787 2025-09-17
FileHash-SHA256 881b048234ebed82339244eb0c18580d785944dc82f83949f6adc1a9bc225c3b 2025-09-17
FileHash-SHA256 9547933dd46501af7fc095a3513e48b81178e344b86e075b679259875f0fd5a7 2025-09-17
FileHash-SHA256 97524f4c582e0fbe46b74a7cfe4db9f078f368520cda25f27a50c5d2c50161f9 2025-09-17
FileHash-SHA256 9cd62dbace3324487124787127cff7c63a9f005d8d3aff9bac28c437e5caefc7 2025-09-17
FileHash-SHA256 a6a397fec6c109a1402c6f1144d647843b2093f65fedd27204b40ebeea0640b6 2025-09-17
FileHash-SHA256 af90666822646e35eb52248f4a89eb715ce9f44459205bc24827a2aafe053548 2025-09-17
FileHash-SHA256 b211537ea626fae4ad2ef5ee2652633dc68aaf20da6eb953a44f266c4106b367 2025-09-17
FileHash-SHA256 b61ae633616d7dd29aaf0b170fdfbe8f282c0f8bdcb1c52aedee473ce4bf5789 2025-09-17
FileHash-SHA256 b7796a3b1812f329c43d5d37bbb6d8032b7bc06b15af29f555eb3e0c7b1b1c3d 2025-09-17
FileHash-SHA256 cd5e7b3b59cea14b804f6c01821d1ab94a0046422fe956f623b238c5db0cac99 2025-09-17
FileHash-SHA256 dacbba7f18d0835deb2eeb4e4d82c8f57234767291a90da1a5f3fd02d6bc13c2 2025-09-17
FileHash-SHA256 e2622ede1ebe5a37c439a32f0c63c13f893d1e5513b27367502898651cc5464b 2025-09-17
FileHash-SHA256 f77c203d0c80598954c06a0f6f0c46f8b885ba423d12a21f13ded0168aa11b10 2025-09-17
FileHash-SHA256 fbd67a3bcc964e370931f620a85bf368d7b5797ebc1d53fe3be11a89a90e7961 2025-09-17
References (1)
↗ https://socradar.io/dark-web-profile-bqtlock-ransomware/