HarunaWare
Aliases
Haruna
Decryptor Available
No
Description
HarunaWare, or Haruna, is a variant of rensenWare, the open-source ransomware created by a South Korean undergraduate student that required victims to play a bullet hell game and get 200 million points on lunatic difficulty. The author of rensenWare infected himself and created a decryptor for his ransomware. However, that decryptor does not work for HarunaWare. The differences between HarunaWare and rensenWare are:
- the ransom note image and name;
- the files it targets to encrypt;
- and the condition to satisfy decryption.
Instead of the 200 million points required by rensenWare, HarunaWare requires users to "turn some file in to love" by creating a file named "I_luv_haruna.exe." Once an executable with that name is run, it will detect the process name, and the files will revert to normal.
Ransomware Type
Crypto-Ransomware
First Seen
Last Seen
Lineage
Extortion Types
Direct Extortion
Encryption
Type
Symmetric
Files
AES-256-CBC
File Extension
<file name>.Haruna
Ransom Note Name
Haruna WARNING!
Ransom Note Image
Samples (SHA-256)
8856a7e645cb1e8ed6a22c1c5564dd616654d5ccaf88b5a4f538d8347ac7c0ad
References & Publications
The Crypto-Ransomware Digest: RensenWare (and variants)
Twitter | X: @malwrhunterteam - HarunaWare