Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Kawa4096 / Kawalocker

None

Victims
 

17

First Discovered
victim

2025-06-27

Last Discovered
victim

2025-07-29

Inactive Since
in days

62

Avg Delay
between attack and claim

8.3 days

Infostealer
for victim with domain

11.1%

View Victims on World Map

View group statistics

Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Kawa4096 No 2025-09-15 05:30:34 kawasa2qo7345dt7ogxmx7qmn6z2hnwaoi3h5aeosupozkddqwp6lqqd.onion
Target (Available)
Top 5 Activity Sectors
  • Financial Services 2
  • Healthcare 2
  • Public Sector 1
Top 5 Countries
  • US flag United States 11
  • JP flag Japan 3
  • DE flag Germany 2
Heatmap (Available)
Ransom Notes (0)

No ransom notes available.

Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (0)

No YARA rules available.

Indicators of Compromise (IoCs) (3)
EMAIL 1 SHA256 1 TOX 1
Type IOC
email kawa4096@onionmail.org
sha256 f3a6d4ccdd0f663269c3909e74d6847608b8632fb2814b0436a4532b8281e617
tox 6A340207246B47E37F6D094D2236E5C6242B6E4461EEF8021FED2C9855240C3E11AEE886FAAF
Victims (17)
Logo
********.org Kawa4096
Discovery Date: 2025-07-29
Estimated Attack Date: 2025-07-28
********.org...
US
Logo
**********.net Kawa4096
Discovery Date: 2025-07-27
**********.net...
US
Logo
**********.com Kawa4096
Discovery Date: 2025-07-27
**********.com...
US
Logo
icmconv.com Kawa4096
Discovery Date: 2025-07-22
Estimated Attack Date: 2025-06-19
icmconv.com...
US
Logo
carestlhealth.org Kawa4096
Discovery Date: 2025-07-22
Estimated Attack Date: 2025-06-28
carestlhealth.org...
US
Logo
sbamh.org Kawa4096
Discovery Date: 2025-07-22
Estimated Attack Date: 2025-07-20
sbamh.org...
US
Logo
gatewaycsb.org Kawa4096
Discovery Date: 2025-07-07
Estimated Attack Date: 2025-06-25
gatewaycsb.org...
US
Logo
heimhaus.de Kawa4096
Discovery Date: 2025-07-07
Estimated Attack Date: 2025-06-22
www.heimhaus.de...
DE
Logo
tokiomarine-nichido.co.jp Kawa4096
Discovery Date: 2025-07-01
Estimated Attack Date: 2025-06-26
tokiomarine-nichido.co.jp...
JP
Logo
www.ogr-jp.com Kawa4096
Discovery Date: 2025-07-01
Estimated Attack Date: 2025-06-28
www.ogr-jp.com...
JP
Logo
www.malonebailey.com Kawa4096
Discovery Date: 2025-06-30
Estimated Attack Date: 2025-06-24
www.malonebailey.com...
US
Logo
**********-*******.co.jp Kawa4096
Discovery Date: 2025-06-30
Estimated Attack Date: 2025-06-26
**********-*******.co.jp...
JP
Logo
*************.org Kawa4096
Discovery Date: 2025-06-30
Estimated Attack Date: 2025-06-28
*************.org...
Logo
Morningsideservices Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-20
www.morningsideservices.com...
US
Logo
******.de Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-22
www.******.de...
DE
Logo
******.com Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-24
www.******.com...
US
Logo
******.org Kawa4096
Discovery Date: 2025-06-27
Estimated Attack Date: 2025-06-25
******.org...
US