DJVU Ransomware belong to the family of STOP Ransomware. It had been active since 2018 but there is a decryptor available for previous version. This new variant has become one of the most widespread file-encrypting viruses of 2021.

PayloadBIN Ransomware is attributed to the Evil Corp group. In 2019 the government barred negotiation firms from facilitating ransom payments for Evil Corp, they renamed their ransomware operations to different

SplinterJoke Ransomware encrypts user files and data and asks them to contact them for the decryption key. After encryption, it changes the wallpaper of the system saying that this ransomware is a Proof of Concept (POC) for SentinelOne.

Ducky Ransomware encrypts user data and asks them to contact the attacked on Telegram handle duckydecrypt or contact them at ballxball@protonmail.com in 48 hours.

Zeppelin Ransomware is successor of VegaLocker and is written in Delphi. Zeppelin is a highly configurable malware and can be deployed as an EXE, DLL, or wrapped in a PowerShell loader.