KashimaWare, or Kashima, is a variant of rensenWare, the open-source ransomware created by a South Korean undergraduate student that required victims to play a bullet hell game and get 200 million points on lunatic difficulty. The author of rensenWare infected himself and created a decryptor for his ransomware. However, that decryptor does not work for KashimaWare. The differences between KashimaWare and rensenWare are:
- the ransom note image and name;
- the files it targets to encrypt (only .cfg and .js files);
- and the condition to satisfy decryption.
Instead of the 200 million points required by rensenWare, KashimaWare requires users to "running nixware loader" by creating a file named "nixware.exe." Once an executable with that name is run, it will detect the process name, and the files will revert to normal.