MALWARE FAMILY
PayloadBIN
Internal ID: win.payloadbin
Last seen:Mar 17, 2026
Intelligence Profile
Malware family identifying win.payloadbin. Origin and technical characteristics tracked via Malpedia.
Threat Analysis
PayloadBIN is a malware family tracked by threat intelligence researchers and catalogued in the Malpedia dataset. It represents a distinct malicious software lineage with identifiable code characteristics, behaviors, and victimology.
Ransomware Victims (13)
CTIWATCH tracks 13 organizations claimed as victims by PayloadBIN on its data leak site, with attack dates, sectors and countries.
View full victims list →Known Campaigns
Payloadbin — Active Campaign March 2026
Payloadbin is conducting an active ransomware campaign targeting organizations across 9 countries. Primary targets: Agriculture and Food Production, Energy, Healthcare. 11 confirmed victims recorded in the last 45 days. Campaign status: ACTIVE (last activity 30 Mar 2026).
🎯 Agriculture and Food Production🎯 Energy🎯 Healthcare
ACTIVEMEDIUM2026
External References
Quick Facts
TypeMalware Family
Aliases1
Also Known As
win.payloadbin
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.