Pay2Key Ransomware apparently target towards business in Brazil and Israel. It looks for open RDP ports and swiftly spreads in entire network with in one hour.
RegretLocker uses a special technique to mount the virtual disk file to individually encrypt each of its files. RegretLocker uses the Windows Virtual Storage API OpenVirtualDisk, AttachVirtualDisk, GetVirtualDiskPhysicalPath to mount virtual disks.
RansomEXX encrypt its victim files with 256-bit key using AES block cipher in ECB mode. The AES key is encrypted by a public RSA-4096 key embedded in the code and appended to each encrypted file. It is initially targeted toward Texas Department of Transportation.
Avaddon ransomware encrypts user data using AES-256 + RSA-2048, and then requires a ransom of $150 to $350 or more in BTC in order to return the files.
PonyFinal is a Java based ransomware that is deployed in human operated ransomware attacks. While Java based ransomware are not unheard of, they are not as common as other threat file types. However, organizations should focus less on this payload and more on how it's delivered.