Grupo Ransomware: hellokitty
Perfil del grupo segun ransomware.anggipradana.com.
| Campo | Valor |
|---|---|
| Alias | |
| Pais | |
| Estado |
Descripcion
Unit42 states that HelloKitty is a ransomware family that first surfaced at the end of 2020, primarily targeting Windows systems. The malware family got its name due to its use of a Mutex with the same name: HelloKittyMutex. The ransomware samples seem to evolve quickly and frequently, with different versions making use of the .crypted or .kitty file extensions for encrypted files. Some newer samples make use of a Golang packer that ensures the final ransomware code is only loaded in memory, most likely to evade detection by security solutions.