KawaiiLocker Ransomware - IOC - File Details


1) Ransomware Name - KawaiiLocker

2) Encrypted Extensions - crypt_list

3) Ransom Note File - How Decrypt Files.txt

4) Encrypted Algorithm - NA

5) Decryptor Link - https://www.google.com/url?q=https://safezone.cc/resources/kawaii-
decryptor.195/&sa=D&ust=1505111525701000&usg=AFQjCNGyicsGXGsXnOhKvUIYwul5tTajTQ


6) Screenshot -


7) Indicators of Compromise -
decrypt2016@yahoo.com
http://7476357288-0.myjino.ru/
http://81.177.139.161/
vssadmin delete shadows /for=C:\/all


8) File Details -
D5 ffdded13a21ff8eeba9ccc815ee7d448
SHA1 8b54db5df8bfeef8b96314ac1d66537f7ba4065d
2SHA256 d7cbf7c35c703235788f854ff7997c0207104bbb6170a6ed4435dc9b426f78de
ssdeep6144: 6uU6G2yg5rMZbVl24k4BeE9egvMRgbw3S51MAdmERAIo6qqDLupIh: Y6G2yg5rOVl2gjMOUgmbIoPqnup
authentihash  33960769d9a7d897842eedf1db74844d3c75d7c4c9909b383c4124eb7ecb0e0b
imphash  81999f8f4ba7439cc77b3d6b1e3d04cb
The size of the file is 444.5 KB (455168 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit

Comments