Pear / Pure extraction and ransom
| Active
Pure Extraction And Ransom (PEAR) Team is the community of highly responsible and strictly disciplined members. We are a private team and have nothing common with any other threat actors. We've been monitoring this field for a long-long time. So, we understand all the processes and know well how it all works.
Victims
83
First Discovered
2025-08-05
victim
Last Discovered
2026-05-10
victim
Inactive Since
10
days
Avg Delay
25.3
days
Infostealer
7.3%
victims with domain
Countries
7
hit
Attack Velocity — Last 12 months
-75% vs last month
Known Locations (2)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
PEAR | Yes | 2026-05-20T00:12:58 | nginx 1.22.1 |
peargxn3oki34c4savcbcfqofjjwjnnyrlrbszfv6ujlx36mhrh57did.onion
|
||
|
PEAR | Yes | 2026-05-20T00:13:32 | nginx 1.22.1 |
pearsmob5sn44ismokiusuld34pnfwi6ctgin3qbvonpoob4lh3rmtqd.onion
|
Target
Top 5 Activity Sectors
- Business Services 31
- Healthcare 17
- Manufacturing 6
- Financial Services 6
- Technology 5
Top 5 Countries
-
United States
77
-
Canada
1
-
Egypt
1
-
Switzerland
1
-
New Zealand
1
Heatmap
TTPs Matrix (8)
| Initial Access | Execution | Persistence | Defense Evasion | Credential Access | Collection | Exfiltration | Command and Control |
|---|---|---|---|---|---|---|---|
| Valid Accounts | Command and Scripting Interpreter: PowerShell | Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder | Obfuscated Files or Information: Encrypted/Encoded File | Input Capture: Keylogging | Data from Local System | Exfiltration Over C2 Channel | Application Layer Protocol: Web Protocols |
| Phishing | User Execution: Malicious File | Process Injection: DLL Injection | Credentials from Password Stores: Credentials from Web Browsers | Data Staged | Exfiltration Over Web Service | Proxy: Multi-hop Proxy | |
| User Execution: Malicious Copy and Paste | Email Collection | Exfiltration Over Webhook | |||||
| Data from Information Repositories | |||||||
| Archive Collected Data: Archive via Utility |
Negotiation Chats (1)
20250720
42 msgs
YARA Rules (1)
Indicators of Compromise (IoCs) (2)
Email
1
tox
1
| Type | IOC |
|---|---|
Email
|
pear@onionmail.org
|
tox
|
457BB4E5DF0E650509322CA894758D925A568828090A3449D5AEEED30E9B8E18DDDFF71909ED
|
Victims (83)
Firm that specializes in providing accounting, tax, and advisory services…
Church Design, Engineering, Financial & Construction Services…
Charitable organization that hosts an annual telethon to raise funds for the Kinsmen Foundation…
Specializes in services related to pulmonology and critical care, including outpatient pulmonary car…
Offers a wide range of services in the field of maxillofacial surgery…
Colonial Presbyterian Church operates two campuses in Overland Park and South Kansas City…
A highly respected law firm in the San Francisco Bay Area, specializing in employment law…
Specializ in warehousing and fulfillment, direct mail services, inventory management, printing and g…
Auto Insurance, Home Insurance, Renters Insurance, Motorcycle Insurance…
Leading company in providing the latest technologies and business solutions…
Freight transportation services throughout the United States and province of Ontario Canada…
Representing individuals and businesses in matters related to easements, agreements, and zoning, inc…
The go-to firm throughout the Hampton Roads region for Criminal Defense, Family Law, Military Law, a…
Utah’s Leading Bariatric Specialists, surgical & Medical Weight Loss Solutions in Salt Lake City…
Deals in commercial asset-backed loans, commercial real estate acquisition, secured lending, develop…
Dedicated to representing homeowners, business owners and condominium associations in insurance disp…
Leading tier 1 full-service supplier for Automotive and Industrial OEMs…
Cost-efficient, high quality, consumer-responsive health care services…
A Miami law firm representing victims in all types of legal proceedings related to accidents, injuri…
Real Estate Law, Title Insurance, Probate Estate Planning, Bankruptcy, Foreclosures/Short Sales…
A licensed and insured company providing a full range of property management services…
Helps companies conquer their industry and business complexity by implementing and supporting the be…
Dedicated to providing comprehensive dermatological care to address a wide range of skin, hair, and …
The orthopaedic surgery, musculoskeletal conditions, sports injuries and spinal conditions…
Quality, personalized financial guidance to South Florida individuals and businesses…
Ophthalmologists and optometrists provide comprehensive and sub-specialty eye care across patients o…
The law firm of Ramar & Paradiso, are experts of medical malpractice defense, health care law, corpo…
West Chester Township is the most populous township in Ohio, with a population of 65,242 according t…
Catholic Charities of the Diocese of Albany is one of the largest, private, social service agencies …
Homsey Law Center are experts in personal injury law dedicated to serving Oklahoma City for the last…
Cheyney University of Pennsylvania the nation’s first Historically Black College and University (HBC…
Pioneering Christian organization that helps people realize their potential to live beyond their lim…
The firm represente injured workers in Illinois state compensation cases…
A trusted leader in orthopedic care with over 300 years of combined experience…
Pioneers in Cutting-Edge Imaging for Brain, Neck, Spine Injuries, and Orthopedic Excellence…
Partners with companies to provide accounting, human resources and technology deployment services…
Leading provider of automotive retailing solutions that help manage and improve dealership…
Neff Specialties is a specialty sub-contractor that caters to the education, industrial, and commerc…
Hamilton Park Interiors offers thoughtfully designed and quality home furnishings that reflect your …
Brookside Homes is a custom home builder renowned for delivering exceptional quality and service to …
From humble beginnings in 1881 and founded by former slaves on donated land, the Clarkston First Bap…
The Bromack Company was founded in Los Angeles, California by Donald K Polgrean in 1963. Mr. Polgrea…
AIL Hospitality manage a diverse portfolio of hotels located in states like West Virginia, Maryland,…
Twin Oaks Presbyterian Church focuses on worship, discipleship, and outreach…
ThinkBig Health Care Solutions specializes in providing comprehensive services to medical practices,…
TAS NZ advisors dedicated to providing personalized financial solutions that help businesses thrive.…
Alt Vision specialise in the Delivery of ITIL based IT Service Management Solutions around the VMwwa…
To Preferred Homes Realty you will find a wide variety of useful information and resources designed …
The Job Shop is where you come for the best talent and the best jobs. If you are looking for a job o…
The Danvers Law Offices, LLC is a boutique personal injury law firm based in Danvers, MA, serving re…
The family-owned Kalchschmid company in the Swabian town of Balzhausen combines traditional craftsma…
Since 1926, U.S. Battery has been designing and manufacturing the world's highest quality deep cycle…
The staff at Hankin & Mazel has been representing cooperative and condominium boards for over 30 yea…
Garrison Law Firm, LLC specializes in personal injury law, providing legal services to individuals w…