KaWa4096
(Active)
Aliases
KaWa
KaWaLocker
Description
This entry is under construction. However, we have included some details below.
Ransomware Type
Crypto-Ransomware
Data Broker
First Seen
Extortion Links
Medium
Link
TOR
http://kawasa2qo7345dt7ogxmx7qmn6z2hnwaoi3h5aeosupozkddqwp6lqqd.onion
TOR
http://kawasax2yghpkcxx5d5fegnjoucwxnjpxcxpfh2vjfx7drj66pnwl3ad.onion
Extortion Types
Direct Extortion
Double Extortion
Free Data Leaks
Communication
Medium
Identifier
Email
Tox
6A340207246B47E37F6D094D2236E5C6242B6E4461EEF8021FED2C9855240C3E11AEE886FAAF
Encryption
Type
Hybrid
Files
ChaCha20
Key
Curve25519
File Extension
<file name>.<file extension>.<9 random alphanumeric characters>
Ransom Note Name
!!Restore-My-file-kavva.txt
Ransom Note Image
Samples (SHA-256)
f3a6d4ccdd0f663269c3909e74d6847608b8632fb2814b0436a4532b8281e617
Known Victims(8)
| Industry Sector | Country | Extortion Date | Amount (USD) |
|---|---|---|---|
| Unknown | United States | ||
| Education | United States | ||
| Construction & Home Improvement | Germany | ||
| Accounting Services | United States | ||
| Government | United States | ||
| Insurance | Japan | ||
| Unknown | United States | ||
| Manufacturing | Japan |