General
-
Target
Hi_Kitty_2.exe
-
Size
157KB
-
Sample
210720-8qm4c8n1dn
-
MD5
136bd70f7aa98f52861879d7dca03cf2
-
SHA1
fadd8d7c13a18c251ded1f645ffea18a37f1c2de
-
SHA256
501487b025f25ddf1ca32deb57a2b4db43ccf6635c1edc74b9cff54ce0e5bcfe
-
SHA512
919b81c6e062f26fef9f2f02f60af9493795ab1e74be0977210375598d2a17e37add7f7843f94c7cd6c44ba12af777a478c3744692ece2e31864b6aafd37e8df
Static task
static1
Behavioral task
behavioral1
Sample
Hi_Kitty_2.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Hi_Kitty_2.exe
Resource
win10v20210410
Malware Config
Extracted
C:\Documents and Settings\read_me_lkd.txt
http://6x7dp6h3w6q3ugjv4yv5gycj3femb24kysgry5b44hhgfwc5ml5qrdad.onion/d87c3f9baf85b2e9ab2a824bb78868294e19992e2e26b54f248abfa73c42a7c0
Targets
-
-
Target
Hi_Kitty_2.exe
-
Size
157KB
-
MD5
136bd70f7aa98f52861879d7dca03cf2
-
SHA1
fadd8d7c13a18c251ded1f645ffea18a37f1c2de
-
SHA256
501487b025f25ddf1ca32deb57a2b4db43ccf6635c1edc74b9cff54ce0e5bcfe
-
SHA512
919b81c6e062f26fef9f2f02f60af9493795ab1e74be0977210375598d2a17e37add7f7843f94c7cd6c44ba12af777a478c3744692ece2e31864b6aafd37e8df
Score10/10-
HelloKitty Ransomware
Ransomware family which has been active since late 2020, and in early 2021 a variant compromised the CDProjektRed game studio.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-