Ransomware - KaWa4096

KaWa4096
Aliases
KaWa
KaWaLocker
Description

This entry is under construction. However, we have included some details below.

Ransomware Type
Crypto-Ransomware
Data Broker
First Seen
Extortion Links
Medium
Link
TOR
http://kawasa2qo7345dt7ogxmx7qmn6z2hnwaoi3h5aeosupozkddqwp6lqqd.onion
TOR
http://kawasax2yghpkcxx5d5fegnjoucwxnjpxcxpfh2vjfx7drj66pnwl3ad.onion
Extortion Types
Direct Extortion
Double Extortion
Free Data Leaks
Communication
Medium
Identifier
Email
[email protected]
Tox
6A340207246B47E37F6D094D2236E5C6242B6E4461EEF8021FED2C9855240C3E11AEE886FAAF
Encryption
Type
Hybrid
Files
ChaCha20
Key
Curve25519
File Extension
<file name>.<file extension>.<9 random alphanumeric characters>
Ransom Note Name
!!Restore-My-file-kavva.txt
Ransom Note Image
KaWa4096-RansomNote-f3a6d
Click to enlarge
Samples (SHA-256)
f3a6d4ccdd0f663269c3909e74d6847608b8632fb2814b0436a4532b8281e617
Industry Sector Country Extortion Date Amount (USD)
Unknown United States
Education United States
Construction & Home Improvement Germany
Accounting Services United States
Government United States
Insurance Japan
Unknown United States
Manufacturing Japan
Ransomware Tracker