BushidoUK ToolMatrix CommunityReports: CR-003-AKIRA-JUN-2025

- Date: 18 Jun 2026
- Actor: bushidouk
- Type: Report
- Country: United Kingdom
- Sector: Manufacturing
- Confidence: high (80)
- Analytic priority: High
- IOCs: 6
- TTPs: 0

Based on actor, country, IOCs, TTPs, leak, and context quality.

Executive Summary
Resource from the BushidoUK Ransomware Tool Matrix - CommunityReports.

Key Points

  • Source: CommunityReports/CR-003-AKIRA-JUN-2025.md
  • BushidoUK Tool Matrix

CommunityReports: CR-003-AKIRA-JUN-2025.md


Community Report 003 - Akira June 2025

Contributor Details

- Real Name: N/A

- Online Handle / Links to profiles: https://x.com/SecurityAura

- Employer: Private, DFIR role

- Affiliations: Curated Intelligence

---

Adversary

- Named adversary: Akira

---

Incident Details

- Time of Incident: June 2025

- Victim Sector: Manufacturing

- Victim Country: Canada

- Victim Size: 100-1000

---

Observed Tools

| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
| | | icardagt.exe (version.dll) | | | | | WinRAR |
| | | mfpmp.exe (rtworkq.dll) | | | | | FileZilla |

---

#### Any Related Sources

- icardagt.exe DLL sideloading of version.dll - https://hijacklibs.net/entries/microsoft/built-in/version.html

- mfpmp.exe DLL sideloading of rtworkq.dll - https://hijacklibs.net/entries/microsoft/built-in/rtworkq.html

| Date Published | Report |
|---|---|
| 2025/08/05 | https://www.guidepointsecurity.com/blog/gritrep-akira-sonicwall/ |


Diamond Model

- Adversary: bushidouk
- Victim: BushidoUK ToolMatrix CommunityReports: CR-003-AKIRA-JUN-2025 (United Kingdom)
- Capability: Report
- Infrastructure: hijacklibs.net, www.guidepointsecurity.com


Indicators of Compromise (IOCs)

| Type | Value | Context | OSINT |
|---|---|---|---|
| File | icardagt.exe | Observed artifact | VT, OffSec, SOCRadar |
| File | version.dll | Observed artifact | VT, OffSec, SOCRadar |
| File | mfpmp.exe | Observed artifact | VT, OffSec, SOCRadar |
| File | rtworkq.dll | Observed artifact | VT, OffSec, SOCRadar |
| Domain | hijacklibs.net | Extracted from content | VT, OffSec, SOCRadar |
| Domain | www.guidepointsecurity.com | Extracted from content | VT, OffSec, SOCRadar |
