Karma Ransomware - IOC - File Details


1) Ranosmware Name - Karma

2) Encrypted Extensions - .karma

3) Ransom Note File -
# DECRYPT MY FILES #.html
# DECRYPT MY FILES #.txt

4) Encrypted Algorithm - AES

5) Decryptor Link - NA


6) Screenshot -


7) Indicators of Compromise -
hxxp://windows-tuneup.com/web293/xUser.php
hxxp://karma2xgg6ccmupd.onion


8) File Details -
MD5 ec92cfefc3fed1f7eb18c6995bd1b34f
SHA1 8ffba0509234a24f2051b7d8fcae77858d32dd39
SHA256 68f90ea4e217c6cad65f8f70ff3d63d37e854efc480c7eb2992ecfbffccb1018
ssdeep3072: Z4OmsUJHosB6XWowVZOBYccSkpidTjtaTK4c4V7vSGnabtjfO7: Cz + sBqwViuUTjtPQzabtj
authentihash  c52b7de7ccc401cfbbd3a066fea95a232302d1025698155c176412c01e0370c2
imphash  f34d5f2d4577ed6d9ceec516c1f5a744
The size of the file is 258.0 KB (264192 bytes)
Win32 EXE file type
DescriptionPE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono / .Net assembly

Comments