jordiserrano.me ClickFix KAIROS IntelTracker

BushidoUK ToolMatrix GroupProfiles: BianLian

Report 18 Jun 2026 1 min lectura bushidouk

Fecha

18 Jun 2026

Actor

bushidouk

Tipo

Report

Pais

United States

Sector

Defense

Confianza

high

60

Prioridad analitica

Media

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

2IOCs

0TTPs

bushidoukActor

United StatesPais

Executive Summary

Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

Key Points

Source: GroupProfiles/BianLian.md
BushidoUK Tool Matrix

GroupProfiles: BianLian.md

Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

BianLian's Tools

| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |

|---|---|---|---|---|---|---|---|

| Advanced IP Scanner | AmmyyAdmin | | RDP Recognizer | Impacket | | PsExec | MEGA |

| PingCastle | AnyDesk | | | | | | RClone |

| SharpShares | Atera | | | | | | |

| SoftPerfect NetScan | ScreenConnect | | | | | | |

| WKTools | Splashtop | | | | | | |

| | TeamViewer | | | | | | |

> [!NOTE]

> This is the list of tools that have been observed during various intrusions that lead to BianLian ransomware deployment.

#### Sources

| Date Published | Report |

|---|---|

| 26 March 2025 | https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/ |

| 16 May 2023 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-136a |

Referencias

Diamond Model

Adversary

bushidouk

Ver perfil →

Victim

BushidoUK ToolMatrix GroupProfiles: BianLian

United States

Capability

Report

Infrastructure

www.welivesecurity.com

www.cisa.gov

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

21 enlaces

www.welivesecurity.com

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

BushidoUK ToolMatrix GroupProfiles: BianLian

bushidouk · United States

BushidoUK ToolMatrix ThreatIntel: ExtraThreatIntel

www.welivesecurity.com

BushidoUK ToolMatrix GroupProfiles: Akira

BushidoUK ToolMatrix GroupProfiles: BlackBasta

BushidoUK ToolMatrix GroupProfiles: BlackSuit

BushidoUK ToolMatrix GroupProfiles: Interlock

BushidoUK ToolMatrix GroupProfiles: PLAY

BushidoUK ToolMatrix GroupProfiles: ScatteredSpider

APTTrail: apt-c-60 indicators and references

www.welivesecurity.com

Victima mismo actor

BushidoUK ToolMatrix Tools: AllTools

Victima mismo actor

BushidoUK ToolMatrix Tools: CredentialTheft

Victima mismo actor

BushidoUK ToolMatrix Tools: DefenseEvasion

Victima mismo actor

BushidoUK ToolMatrix Tools: DiscoveryEnum

Victima mismo actor

BushidoUK ToolMatrix Tools: Exfiltration

Indicadores de Compromiso (IOCs)

Tipo	Valor	Contexto	OSINT
Domain	www.welivesecurity.com	Extraido del contenido	VT OffSec SOCRadar
Domain	www.cisa.gov	Extraido del contenido	VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor bushidouk en el blog → Ver bushidouk en IntelTracker → Fuente OSINT: github.com → Fuente OSINT: github.com → Buscar bushidouk en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog

← Volver al panel de inteligencia

Incidentes recientes