← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Karakurt Data Extortion Group
WHITE Karakurt AlienVault 2022-06-02 Modified: 2022-06-02
53
IOCs
HIGH VOLUME
The Karakurt data extortion group has targeted victims across North America and Europe, demanding a ransom of up to $13,000 (£7,500) for the return of stolen data.
karakurtdata extortionlog4shell
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Karakurt
Indicators of Compromise (53)
All email BitcoinAddress CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
email ripidelfun1986@protonmail.com 2022-06-02
email personal.information.reveal@gmail.com 2022-06-02
email mark.hubert1986@gmail.com 2022-06-02
email karakurtlair@gmail.com 2022-06-02
email gapreappballye1979@protonmail.com 2022-06-02
email confedicial.datas.download@protonmail.com 2022-06-02
email armada.mitchell94@protonmail.com 2022-06-02
BitcoinAddress bc1q25km8usscsra6w2falmtt7wxyga8tnwd5s870g 2022-06-02
BitcoinAddress bc1q3xgr4z53cdaeyn03luhen24xu556y5spvyspt8 2022-06-02
BitcoinAddress bc1q6s0k4l8q9wf3p9wrywf92czrxaf9uvscyqp0fu 2022-06-02
BitcoinAddress bc1q8ff3lrudpdkuvm3ehq6e27nczm393q9f4ydlgt 2022-06-02
BitcoinAddress bc1qa5v6amyey48dely2zq0g5c6se2keffvnjqm8ms 2022-06-02
BitcoinAddress bc1qenjstexazw07gugftfz76gh9r4zkhhvc9eeh47 2022-06-02
BitcoinAddress bc1qfp3ym02dx7m94td4rdaxy08cwyhdamefwqk9hp 2022-06-02
BitcoinAddress bc1qj7aksdmgrnvf4hwjcm5336wg8pcmpegvhzfmhw 2022-06-02
BitcoinAddress bc1qq427hlxpl7agmvffteflrnasxpu7wznjsu02nc 2022-06-02
BitcoinAddress bc1qq9ryhutrprmehapvksmefcr97z2sk3kdycpqtr 2022-06-02
BitcoinAddress bc1qqp73up3xff6jz267n7vm22kd4p952y0mhcd9c8 2022-06-02
BitcoinAddress bc1qrkcjtdjccpy8t4hcna0v9asyktwyg2fgdmc9al 2022-06-02
BitcoinAddress bc1qrtq27tn34pvxaxje4j33g3qzgte0hkwshtq7sq 2022-06-02
BitcoinAddress bc1qta70dm5clfcxp4deqycxjf8l3h4uymzg7g6hn5 2022-06-02
BitcoinAddress bc1qtm6gs5p4nr0y5vugc93wr0vqf2a0q3sjyxw03w 2022-06-02
BitcoinAddress bc1qw77uss7stz7y7kkzz7qz9gt7xk7tfet8k30xax 2022-06-02
BitcoinAddress bc1qx9eu6k3yhtve9n6jtnagza8l2509y7uudwe9f6 2022-06-02
BitcoinAddress bc1qxfqe0l04cy4qgjx55j4qkkm937yh8sutwhlp4c 2022-06-02
BitcoinAddress bc1qz9a0nyrqstqdlr64qu8jat03jx5smxfultwpm0 2022-06-02
CVE CVE-2021-44228 2022-06-02
FileHash-MD5 074863c3352d6dda17dcb8bdc6a8929f MD5 of 3e625e20d7f00b6d5121bb0a71cfa61f92d658bcd61af2cf5397e0ae28f4ba56 2022-06-02
FileHash-MD5 1bf171b1f388691c3985df6fb6c3f0d1 MD5 of fdb92fac37232790839163a3cae5f37372db7235 2022-06-02
FileHash-MD5 286aaf0974d06d9b02d11611b2acccef MD5 of 712733c12ea3b6b7a1bcc032cc02fd7ec9160f5129d9034bf9248b27ec057bd2 2022-06-02
FileHash-MD5 ca2883a7f300abd755706d3a9b55916b MD5 of 5e2b2ebf3d57ee58cada875b8fbce536edcbbf59acc439081635c88789c67aca 2022-06-02
FileHash-MD5 e2bce0f3162076fa56de5215fd31e3ab MD5 of 563bc09180fd4bb601380659e922c3f7198306e0caebe99cd1d88cd2c3fd5c1b 2022-06-02
FileHash-SHA1 030394b7a2642fe962a7705dcc832d2c08d006f5 2022-06-02
FileHash-SHA1 05a9b0c93f7e1ca272b4236d489f903c399e5faa SHA1 of 712733c12ea3b6b7a1bcc032cc02fd7ec9160f5129d9034bf9248b27ec057bd2 2022-06-02
FileHash-SHA1 0e50b289c99a35f4ad884b6a3ffb76de4b6ebc14 2022-06-02
FileHash-SHA1 10326c2b20d278080aa0ca563fc3e454a85bb32f 2022-06-02
FileHash-SHA1 401341a7a604ae8d80d9240cb54dde5e26a5cfdb SHA1 of 5e2b2ebf3d57ee58cada875b8fbce536edcbbf59acc439081635c88789c67aca 2022-06-02
FileHash-SHA1 4d7f4bb3a23eab33a3a28473292d44c5965ddc95 2022-06-02
FileHash-SHA1 7e654c02e75ec78e8307dbdf95e15529aaab5dff 2022-06-02
FileHash-SHA1 86366bb7646dcd1a02700ed4be4272cbff5887af 2022-06-02
FileHash-SHA1 8a07e8326dec5b754becce68b5b02b85653d6029 SHA1 of 3e625e20d7f00b6d5121bb0a71cfa61f92d658bcd61af2cf5397e0ae28f4ba56 2022-06-02
FileHash-SHA1 c33129a680e907e5f49bcbab4227c0b02e191770 2022-06-02
FileHash-SHA1 d18c007d856b98ad09818e62fc05acb755dae86c SHA1 of 563bc09180fd4bb601380659e922c3f7198306e0caebe99cd1d88cd2c3fd5c1b 2022-06-02
FileHash-SHA1 fdb92fac37232790839163a3cae5f37372db7235 2022-06-02
FileHash-SHA256 0112e3b20872760dda5f658f6b546c85f126e803e27f0577b294f335ffa5a298 SHA256 of fdb92fac37232790839163a3cae5f37372db7235 2022-06-02
FileHash-SHA256 3e625e20d7f00b6d5121bb0a71cfa61f92d658bcd61af2cf5397e0ae28f4ba56 2022-06-02
FileHash-SHA256 563bc09180fd4bb601380659e922c3f7198306e0caebe99cd1d88cd2c3fd5c1b 2022-06-02
FileHash-SHA256 5e2b2ebf3d57ee58cada875b8fbce536edcbbf59acc439081635c88789c67aca 2022-06-02
FileHash-SHA256 712733c12ea3b6b7a1bcc032cc02fd7ec9160f5129d9034bf9248b27ec057bd2 2022-06-02
URL https://karakurt.group 2022-06-02
URL https://omx5iqrdbsoitf3q4xexrqw5r5tfw7vp3vl3li3lfo7saabxazshnead.onion 2022-06-02
domain karakurt.group 2022-06-02
domain omx5iqrdbsoitf3q4xexrqw5r5tfw7vp3vl3li3lfo7saabxazshnead.onion 2022-06-02
References (1)
↗ https://www.cisa.gov/uscert/ncas/alerts/aa22-152a