Kawa4096

Status: active

None

Victims: 17
First Discovered victim: 2025-06-27
Last Discovered victim: 2025-07-29
Inactive Since (days): 17
Avg Delay between attack and claim: 8.3 days
Infostealer (for victims with a domain): 11.1%

Known Locations (1)
Title: Kawa4096
Available: Yes
Last Visit: 2025-08-15 10:31:18
Server Info: NGINX nginx 1.18.0
FQDN: kawasa2qo7345dt7ogxmx7qmn6z2hnwaoi3h5aeosupozkddqwp6lqqd.onion

Target (Available)
Top 5 Activity Sectors
  • Financial Services: 2
  • Healthcare: 2
  • Public Sector: 1
Top 5 Countries
  • United States: 11
  • Japan: 3
  • Germany: 2

Ransom Notes (0)

No ransom notes available.


Tools Used (Not Available)

No information on tools used is available.


Vulnerabilities Exploited (0)

No information on exploited vulnerabilities is available.


TTPs Matrix (0)

No TTPs available.


Negotiation Chats (0)

No negotiation chats available.


YARA Rules (0)

No YARA rules available.


Indicators of Compromise (IoCs) (2)
EMAIL 1 TOX 1
Type IOC
email kawa4096@onionmail.org
tox 6A340207246B47E37F6D094D2236E5C6242B6E4461EEF8021FED2C9855240C3E11AEE886FAAF

Victims (17)

********.org Kawa4096
Discovery Date: 2025-07-29
Estimated Attack Date: 2025-07-28
********.org...
US

**********.net Kawa4096
Discovery Date: 2025-07-27
**********.net...
US

**********.com Kawa4096
Discovery Date: 2025-07-27
**********.com...
US

icmconv.com Kawa4096
Discovery Date: 2025-07-22
Estimated Attack Date: 2025-06-19
icmconv.com...
US

carestlhealth.org Kawa4096
Discovery Date: 2025-07-22
Estimated Attack Date: 2025-06-28
carestlhealth.org...
US

sbamh.org Kawa4096
Discovery Date: 2025-07-22
Estimated Attack Date: 2025-07-20
sbamh.org...
US

gatewaycsb.org Kawa4096
Discovery Date: 2025-07-07
Estimated Attack Date: 2025-06-25
gatewaycsb.org...
US

heimhaus.de Kawa4096
Discovery Date: 2025-07-07
Estimated Attack Date: 2025-06-22
www.heimhaus.de...
DE

tokiomarine-nichido.co.jp Kawa4096
Discovery Date: 2025-07-01
Estimated Attack Date: 2025-06-26
tokiomarine-nichido.co.jp...
JP

www.ogr-jp.com Kawa4096
Discovery Date: 2025-07-01
Estimated Attack Date: 2025-06-28
www.ogr-jp.com...
JP

www.malonebailey.com Kawa4096
Discovery Date: 2025-06-30
Estimated Attack Date: 2025-06-24
www.malonebailey.com...
US

**********-*******.co.jp Kawa4096
Discovery Date: 2025-06-30
Estimated Attack Date: 2025-06-26
**********-*******.co.jp...
JP

*************.org Kawa4096
Discovery Date: 2025-06-30
Estimated Attack Date: 2025-06-28
*************.org...

Morningsideservices Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-20
www.morningsideservices.com...
US

******.de Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-22
www.******.de...
DE

******.com Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-24
www.******.com...
US

******.org Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-25
******.org...
US