hellokitty | 3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9 | Triage

Submit
Reports

Overview

overview

Static

static

3

3ae7bedf23...e9.exe

windows10-2004-x64

Sharing

General

Target

3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9.exe
Size

155KB
Sample

250410-kc16wswnz4
MD5

af568e8a6060812f040f0cb0fd6f5a7b
SHA1

e7f0c17b338d78c4f8b82b032af9f81828512b30
SHA256

3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9
SHA512

2c44272dcf130a95ea0e83fa02d2629edecf94b16452127f2e177f00f4bf48f2e306ec53b28d2005a27e8b683dc683fb54146a711233aa1e1c4256a9e4ac979b
SSDEEP

3072:eaV+7SXvezfVdzGt3/ygs7vZoVCrmjePFpUSFC:eI4SXvktuo6CK+KSF

Score

10^/10

hellokitty discovery ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9.exe

Resource

win10v2004-20250314-en

hellokitty discovery ransomware

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9.exe
- Size
  
  155KB
- MD5
  
  af568e8a6060812f040f0cb0fd6f5a7b
- SHA1
  
  e7f0c17b338d78c4f8b82b032af9f81828512b30
- SHA256
  
  3ae7bedf236d4e53a33f3a3e1e80eae2d93e91b1988da2f7fcb8fde5dcc3a0e9
- SHA512
  
  2c44272dcf130a95ea0e83fa02d2629edecf94b16452127f2e177f00f4bf48f2e306ec53b28d2005a27e8b683dc683fb54146a711233aa1e1c4256a9e4ac979b
- SSDEEP
  
  3072:eaV+7SXvezfVdzGt3/ygs7vZoVCrmjePFpUSFC:eI4SXvktuo6CK+KSF
Score

10^/10

hellokitty discovery ransomware
- HelloKitty Ransomware
  Ransomware family which has been active since late 2020, and in early 2021 a variant compromised the CDProjektRed game studio.
  ransomware hellokitty
- Hellokitty family
  hellokitty
- Renames multiple (181) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

hellokittydiscoveryransomware

© 2018-2025

Terms | Privacy