Cuba Ransomware encrypts user data ChaCha20 and encrypt key information with RSA. Cuba Ransomware has purportedly been active since Q4, 2019. However they gained fame after publishing leaked documents from there victim companies that failed or denied to pay ransom.

N3TW0RM Ransomware target israeli business, it encrypt files and ask 4 BTC in ransom to return files.

AgeLocker use AGE (Actually Good Encryption) algorithm for encrypting victims files on QNAP servers, hence the name AgeLocker. It uses X25519, ChaChar20-Poly1305, and HMAC-SHA256 algorithms which makes it a very secure method to encrypt files.

FIVEHANDS ransomware uses an embedded NTRU public key. This NTRU key is SHA512 hashed and the first 32 bytes are used as the victim ID within the ransom note. This NTRU pubic key is also used to encrypt each file's symmetric key.

DeathRansom encrypts user files with AES and demands a ransom of 0.1 BTC. It deletes volume shadow copies to ensure the data cannot be restored easily. After the DeathRansom performs file encryption, it will drop ransom note named "read_me.txt" in each encrypted file's directory