jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » BushidoUK ToolMatrix GroupProfiles: ProphetSpider

BushidoUK ToolMatrix GroupProfiles: ProphetSpider

Report 1 min lectura bushidouk
Fecha
18 Jun 2026
Actor
bushidouk
Tipo
Report
Pais
United States
Sector
Defense
Confianza
high
65
Prioridad analitica
Media

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

3IOCs
0TTPs
bushidoukActor
United StatesPais
Executive Summary
Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

Key Points

  • Source: GroupProfiles/ProphetSpider.md
  • BushidoUK Tool Matrix

GroupProfiles: ProphetSpider.md

Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

Prophet Spider's Tools

| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |

|---|---|---|---|---|---|---|---|

| TXPortMap | | | Mimikatz | BurpSuite | | PAExec | PSCP |

| | | | | ConPtyShell | | Minidump | |

| | | | | Godzilla Web Shell | | WinExe | |

| | | | | PwnTools | | | |

| | | | | Responder | | | |

> [!NOTE]

> This is the list of tools that have been observed during various intrusions that were used the Prophet Spider IAB group that leads to ransomware deployment, such as MAZE, Egregor, or MountLocker

#### Sources

| Date Published | Report |

|---|---|

| 20 September 2023 | https://www.secureworks.com/research/gold-melody-profile-of-an-initial-access-broker |

| 23 March 2023 | https://cloud.google.com/blog/topics/threat-intelligence/unc961-multiverse-financially-motivated |

| 7 March 2022 | https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile |

| 4 August 2021 | https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity |

Referencias

Diamond Model

Adversary
bushidouk
Ver perfil →
Victim
BushidoUK ToolMatrix GroupProfiles: ProphetSpider
United States
Capability
Report
Infrastructure
www.secureworks.com
cloud.google.com
www.crowdstrike.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

21 enlaces
Domain
cloud.google.com
IOC compartido
Domain
www.secureworks.com
IOC compartido
Domain
www.crowdstrike.com
IOC compartido
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
IntelTracker / OSINT link
github.com
bushidouk
enlace asociado al actor
Nodo actual
BushidoUK ToolMatrix GroupProfiles: ProphetSpider
bushidouk · United States
Victima
BushidoUK ToolMatrix GroupProfiles: ScatteredSpider
www.crowdstrike.com cloud.google.com
IOC compartido
Victima
BushidoUK RVM Profile: ProphetSpider
www.secureworks.com cloud.google.com
IOC compartido
Victima
BushidoUK ToolMatrix ThreatIntel: ExtraThreatIntel
www.crowdstrike.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: BlackBasta
cloud.google.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: EvilCorp
cloud.google.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: INC_Ransom
www.secureworks.com
IOC compartido
Victima
BushidoUK ToolMatrix GroupProfiles: Qilin
www.secureworks.com
IOC compartido
Victima
APTTrail: APT 45 indicators and references
cloud.google.com
IOC compartido
Victima mismo actor
BushidoUK ToolMatrix Tools: AllTools
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: CredentialTheft
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: DefenseEvasion
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: DiscoveryEnum
18 Jun 2026
mismo actor
Victima mismo actor
BushidoUK ToolMatrix Tools: Exfiltration
18 Jun 2026
mismo actor

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain www.secureworks.com Extraido del contenido VT OffSec SOCRadar
Domain cloud.google.com Extraido del contenido VT OffSec SOCRadar
Domain www.crowdstrike.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor bushidouk en el blog → Ver bushidouk en IntelTracker → Fuente OSINT: github.com→ Fuente OSINT: github.com → Buscar bushidouk en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

Suǭrez&Clavera18 Jun 2026 · gunra MHE9 Logstica Ltda18 Jun 2026 · gunra Misericrdia de Santo Tirso18 Jun 2026 · qilin Direǜo Estacionamentos S.A.18 Jun 2026 · deadlock Br Cargolift Polska Sp. z o.o.18 Jun 2026 · deadlock www.someco.com18 Jun 2026 · lynx www.eastersealsia.org18 Jun 2026 · lynx Vera Chimie Management18 Jun 2026 · the-gentlemen