Nokoyawa Ransomware: Rust or Bust

ID: 3cf9eded-9e7c-54ac-902f-938623afb7d4

STIX ID: report--3cf9eded-9e7c-54ac-902f-938623afb7d4

Feed Name: Zscaler Security Research Blog

Threat Score: 75/100

Date Published: 2025-12-30

Date Updated: 2026-05-01


Nokoyawa 2.0 is a 64-bit Windows ransomware family rewritten in Rust. It uses Curve25519 (x25519) for asymmetric key agreement and Salsa20 for symmetric encryption, accepts a Base64-encoded JSON configuration via the command line, performs partial-file encryption for speed, and supports double extortion via a TOR-hosted leak site. The report includes technical analysis, decryption tooling guidance (if the private key is available), and multiple SHA256 IoCs.
