HOMETHREATSPayloadBIN
MALWARE FAMILY

PayloadBIN

Internal ID: win.payloadbin
13
victims
1
campaigns
1
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Malware family identifying win.payloadbin. Origin and technical characteristics tracked via Malpedia.

Threat Analysis

PayloadBIN is a malware family tracked by threat intelligence researchers and catalogued in the Malpedia dataset. It represents a distinct malicious software lineage with identifiable code characteristics, behaviors, and victimology.

Ransomware Victims (13)

CTIWATCH tracks 13 organizations claimed as victims by PayloadBIN on its data leak site, with attack dates, sectors and countries.

View full victims list →

Known Campaigns

Payloadbin — Active Campaign March 2026

Payloadbin is conducting an active ransomware campaign targeting organizations across 9 countries. Primary targets: Agriculture and Food Production, Energy, Healthcare. 11 confirmed victims recorded in the last 45 days. Campaign status: ACTIVE (last activity 30 Mar 2026).

🎯 Agriculture and Food Production🎯 Energy🎯 Healthcare
ACTIVEMEDIUM2026

External References

Quick Facts

TypeMalware Family
Aliases1

Also Known As

win.payloadbin

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.