Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Kawa4096 / Kawalocker

None

Victims
17
 
First Discovered
2025-06-27
victim
Last Discovered
2025-07-29
victim
Inactive Since
244
days
Avg Delay
8.3
days
Infostealer
11.1%
victims with domain

View Victims on World Map

View group statistics

Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Kawa4096 No 2025-09-15 05:30:34 kawasa2qo7345dt7ogxmx7qmn6z2hnwaoi3h5aeosupozkddqwp6lqqd.onion
Target (Available)
Top 5 Activity Sectors
  • Financial Services 2
  • Healthcare 2
  • Public Sector 1
Top 5 Countries
  • US flag United States 11
  • JP flag Japan 3
  • DE flag Germany 2
Heatmap (Available)
Ransom Notes (0)

No ransom notes available.

Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (0)

No YARA rules available.

Indicators of Compromise (IoCs) (3)
EMAIL 1 SHA256 1 TOX 1
Type IOC
email kawa4096@onionmail.org
sha256 f3a6d4ccdd0f663269c3909e74d6847608b8632fb2814b0436a4532b8281e617
tox 6A340207246B47E37F6D094D2236E5C6242B6E4461EEF8021FED2C9855240C3E11AEE886FAAF
Victims (17)
Logo
********.org US
Kawa4096
Discovered: 2025-07-29  ·  Attack est.: 2025-07-28
********.org…
Logo
**********.net US
Kawa4096
Discovered: 2025-07-27
**********.net…
Logo
**********.com US
Kawa4096
Discovered: 2025-07-27
**********.com…
Logo
icmconv.com US
Kawa4096
Discovered: 2025-07-22  ·  Attack est.: 2025-06-19
icmconv.com…
Logo
carestlhealth.org US
Kawa4096
Discovered: 2025-07-22  ·  Attack est.: 2025-06-28
carestlhealth.org…
Logo
sbamh.org US
Kawa4096
Discovered: 2025-07-22  ·  Attack est.: 2025-07-20
sbamh.org…
Logo
gatewaycsb.org US
Kawa4096
Discovered: 2025-07-07  ·  Attack est.: 2025-06-25
gatewaycsb.org…
Logo
heimhaus.de DE
Kawa4096
Discovered: 2025-07-07  ·  Attack est.: 2025-06-22
www.heimhaus.de…
Logo
tokiomarine-nichido.co.jp JP
Kawa4096
Discovered: 2025-07-01  ·  Attack est.: 2025-06-26
tokiomarine-nichido.co.jp…
Logo
www.ogr-jp.com JP
Kawa4096
Discovered: 2025-07-01  ·  Attack est.: 2025-06-28
www.ogr-jp.com…
Logo
www.malonebailey.com US
Kawa4096
Discovered: 2025-06-30  ·  Attack est.: 2025-06-24
www.malonebailey.com…
Logo
**********-*******.co.jp JP
Kawa4096
Discovered: 2025-06-30  ·  Attack est.: 2025-06-26
**********-*******.co.jp…
Logo
*************.org
Kawa4096
Discovered: 2025-06-30  ·  Attack est.: 2025-06-28
*************.org…
Logo
Morningsideservices US
Kawa4096
Discovered: 2025-06-27  ·  Attack est.: 2025-06-20
www.morningsideservices.com…
Logo
******.de DE
Kawa4096
Discovered: 2025-06-27  ·  Attack est.: 2025-06-22
www.******.de…
Logo
******.com US
Kawa4096
Discovered: 2025-06-27  ·  Attack est.: 2025-06-24
www.******.com…
Logo
******.org US
Kawa4096
Discovered: 2025-06-27  ·  Attack est.: 2025-06-25
******.org…