<<< Hide Navigation Hide TOC >>>

Karakurt (035fbd5c-e4a1-4c7b-80fb-f5a89a361aed)

Karakurt actors have employed a variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation. Karakurt victims have not reported encryption of compromised machines or files; rather, Karakurt actors have claimed to steal data and threatened to auction it off or release it to the public unless they receive payment of the demanded ransom. Known ransom demands have ranged from $25,000 to $13,000,000 in Bitcoin, with payment deadlines typically set to expire within a week of first contact with the victim.

Rows: 3

Loading extensions...

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

---

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Close

?

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Malpedia Threat Actor		Clear Malpedia RAT Threat Actor	Clear 1
Cobalt Strike (1a1d3ea4-972e-4c48-8d85-08d9db8f1550)	Malpedia	Karakurt (035fbd5c-e4a1-4c7b-80fb-f5a89a361aed)	Threat Actor	1
Karakurt (035fbd5c-e4a1-4c7b-80fb-f5a89a361aed)	Threat Actor	AnyDesk (7d71d21e-68f0-4595-beee-7c353471463d)	RAT	1
Karakurt (035fbd5c-e4a1-4c7b-80fb-f5a89a361aed)	Threat Actor	MimiKatz (588fb91d-59c6-4667-b299-94676d48b17b)	Malpedia	1