KawaLocker
· Published 21/12/2025 15:36 · Modified 21/12/2025 15:36
· Source: AlienVault
Essential information
- Confidence
- 100/100
- Published
- 21/12/2025 15:36
- Modified
- 21/12/2025 15:36
- Updated at
- 21/12/2025 15:36
- Revoked
- No
- Author / Source
- AlienVault
- Resource level
- —
- Primary motivation
- —
- Related entities
- 1 reports, 12 attack patterns (mitre), 3 malware, 5 indicators
Description
No description.
Marking (TLP)
TLP:CLEAR
Related entities
Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.
Reports (1)
-
4 MITREs 3 Malwares 5 Observables 1 APTPublished 15/08/2025 05:29 · Modified 15/08/2025 12:38
Attack patterns (MITRE) (12)
-
T1112 usesModify Registry
-
T1070.001 usesClear Windows Event Logs
-
T1078 usesValid Accounts
-
T1485 usesData Destruction
-
T1569.002 usesService Execution
-
T1059.003 usesWindows Command Shell
-
T1486 usesData Encrypted for Impact
-
T1490 usesInhibit System Recovery
-
T1021.001 usesRemote Desktop Protocol
-
T1562.001 usesDisable or Modify Tools
-
T1070.004 usesFile Deletion
-
T1082 usesSystem Information Discovery
Malware (3)
-
HRSword usesFamilyPublished 01/05/2026 17:53 · Modified 01/05/2026 17:53
-
KaWaLocker usesFamilyPublished 19/08/2025 18:06 · Modified 19/08/2025 18:06
-
KAWA4096 usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 Published 21/12/2025 15:04 · Modified 21/12/2025 15:04
Indicators (5)
-
11b262c936ffa8eb83457efd3261578376d49d6e789c7c026f1fa0b91929e135indicates -
01a3dabb4684908082cb2ac710d5d42afae2d30f282f023d54d7e945ad3272f5indicates -
ecca86e9b79d5a391a433d8d782bf54ada5a9ee04038dbaf211e0f087b5dad52indicates -
db8f4e007187795e60f22ee08f5916d97b03479ae70ad95ad227c57e20241e9dindicates -
e4fb852fed532802aa37988ef9425982d272bc5f8979c24b25b620846dac9a23indicates