Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Hellokitty

Unit42 states that HelloKitty is a ransomware family that first surfaced at the end of 2020, primarily targeting Windows systems. The malware family got its name due to its use of a Mutex with the same name: HelloKittyMutex. The ransomware samples seem to evolve quickly and frequently, with different versions making use of the .crypted or .kitty file extensions for encrypted files. Some newer samples make use of a Golang packer that ensures the final ransomware code is only loaded in memory, most likely to evade detection by security solutions.

Known Locations (1)
Favicon Title Type Available Last Visit FQDN
favicon News No 2025-06-01 21:18:24 3r6n77mpe737w4sbxxxrpc5phbluv6xhtdl5ujpnlvmck5tc7blq2rqd.onion
Target (Not Available)

No victim

Heatmap (Not Available)

No victim

Ransom Notes (1)
Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (1)
Indicators of Compromise (IoCs) (54)
MD5 54
Type IOC
md5 50363f811d630e8e3ceb84f6f3db066e
md5 28c5c992809fecdc82509dab19c0d90a
md5 db804c3f55c5d09dace40c76c99cab52
md5 ba35a80338fbf197a323f6fe960bf7cb
md5 e333299d9f7e4c064746e177c84bb5c8
md5 87b418a1d8eaf648b6338af20407abbb
md5 bd0802f8a9a71336607d5c9241db31d9
md5 06ce6cd8bde756265f95fcf4eecadbe9
md5 7ffaaaef5bcaf94756352b1fc866ef3d
md5 3342dc0e3aac48664341cd2fed82d8f0
md5 a91d55cb6f5d7328a2a778c203177221
md5 12df37da9db681055655bd0c73ae6716
md5 8e4a887acab5f9475c5fa9a26fb9e720
md5 3426341929acfd5f963d75d209337802
md5 6d321248c816c61a973c9195af30b25b
md5 019b65ccaabcf519b65645284966db57
md5 85cd7c6931b44a14f4899dfd0039e8b4
md5 39ea2394a6e6c39c5d7722dc996daf05
md5 f568229e696c0e82abb35ec73d162d5e
md5 6c849920155f48d4b4aafce0fc49eb5b
md5 22d35005e926fe29379cb07b810a6075
md5 57824214710bc0cdb22463571a72afd0
md5 1b0b9e4cddcbcb02affe9c8124855e58
md5 46ecc24ef6d20f3eaf71ff37610d57d1
md5 1a79b6d169aac719c9323bc3ee4a8361
md5 a64d79eba40229ae9aaebbd73938b985
md5 136bd70f7aa98f52861879d7dca03cf2
md5 af568e8a6060812f040f0cb0fd6f5a7b
md5 d96adf82f061b1a6c80699364a1e3208
md5 c45f5895c255c5bb59b2aa4947412753
md5 e7ad64df3eea1239f735f790c17db441
md5 ea4ec74ecdb45e9d72ac35bd5c14e7c0
md5 83b6f9a64ac51c6623bd93918379dfc4
md5 d3326491afcc35962994e391d485b3ff
md5 280d680ee80e5fcc5cd6fc9be2d8518d
md5 176bfe9ab5a14115ff5b90b07626cb64
md5 4ca68bf3d630332e9c19a17ac910376e
md5 1a2e261b1ae3c96b6d418dae80ce62a3
md5 3167cd62ad262b8c920fc0fb258a8988
md5 eafdcf0d488f08716764a0cbfdc27b46
md5 f568229e696c0e82abb35ec73d162d5e
md5 39ea2394a6e6c39c5d7722dc996daf05
md5 88fcf84d7c9527520b770a992fbf68dd
md5 b0579ea540b639929f1a7426310d0d2c
md5 1e2bf7c7cafcd1216fb12c2947536705
md5 4d854853a5fab3421e5713fd0b6fed42
md5 a3dc8739c25b9b0c0348fc12fddcef65
md5 eab47cbf897c7e9c2dc1009e11d1d928
md5 dedaf87d9f14524ec3fe7c3d2e304bf5
md5 16153e9582cfe94a06fc670a5d851ed9
md5 a169a146571b908a412ba8482adee8f1
md5 e931ab5882d62ea08e498d90e2e11ad0
md5 44c36bc55af58eb506d1760ab608402b
md5 a831d838a924ea135c3e0f315f73fcd3
Victims (0)