jordiserrano.me ClickFix KAIROS IntelTracker

BushidoUK ToolMatrix GroupProfiles: BlackBasta

Report 18 Jun 2026 1 min lectura bushidouk

Fecha

18 Jun 2026

Actor

bushidouk

Tipo

Report

Pais

United States

Sector

Defense

Confianza

high

65

Prioridad analitica

Media

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

3IOCs

0TTPs

bushidoukActor

United StatesPais

Executive Summary

Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

Key Points

Source: GroupProfiles/BlackBasta.md
BushidoUK Tool Matrix

GroupProfiles: BlackBasta.md

Recurso del BushidoUK Ransomware Tool Matrix - GroupProfiles.

Black Basta's Tools

| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |

|---|---|---|---|---|---|---|---|

| AdFind | AnyDesk | Backstab | Mimikatz | Brute Ratel (BRc4) | | BITSAdmin | Rclone |

| Bloodhound | Atera | | | Cobalt Strike | | PsExec | Qaz[.]im |

| PowerView | NetSupport | | | Metasploit | | | |

| PSNmap | ScreenConnect | | | PowerSploit| | | |

| SoftPerfect NetScan | Splashtop | | | | | | |

| | Supremo | | | | | | |

> [!NOTE]

> This is the list of tools that have been observed during various intrusions that lead to Black Basta ransomware deployment.

#### Sources

| Date Published | Report |

|---|---|

| 29 July 2024 | https://cloud.google.com/blog/topics/threat-intelligence/unc4393-goes-gently-into-silentnight |

| 10 May 2024 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-131a |

| 12 October 2022 | https://www.trendmicro.com/en_ca/research/22/j/black-basta-infiltrates-networks-via-qakbot-brute-ratel-and-coba.html |

Referencias

Diamond Model

Adversary

bushidouk

Ver perfil →

Victim

BushidoUK ToolMatrix GroupProfiles: BlackBasta

United States

Capability

Report

Infrastructure

cloud.google.com

www.cisa.gov

www.trendmicro.com

Relations

Mapa de nodos relacionados por IOCs compartidos, actor, enlaces IntelTracker/OSINT, campanas y victimas observadas. Haz click en un nodo para abrir el post, filtro o fuente.

21 enlaces

cloud.google.com

www.trendmicro.com

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

IntelTracker / OSINT link

enlace asociado al actor

BushidoUK ToolMatrix GroupProfiles: BlackBasta

bushidouk · United States

BushidoUK ToolMatrix GroupProfiles: ScatteredSpider

www.cisa.gov cloud.google.com

BushidoUK ToolMatrix ThreatIntel: ExtraThreatIntel

www.trendmicro.com

BushidoUK ToolMatrix GroupProfiles: Akira

BushidoUK ToolMatrix GroupProfiles: BianLian

BushidoUK ToolMatrix GroupProfiles: BlackSuit

BushidoUK ToolMatrix GroupProfiles: DragonForce

www.trendmicro.com

BushidoUK ToolMatrix GroupProfiles: EvilCorp

cloud.google.com

BushidoUK ToolMatrix GroupProfiles: Interlock

Victima mismo actor

BushidoUK ToolMatrix Tools: AllTools

Victima mismo actor

BushidoUK ToolMatrix Tools: CredentialTheft

Victima mismo actor

BushidoUK ToolMatrix Tools: DefenseEvasion

Victima mismo actor

BushidoUK ToolMatrix Tools: DiscoveryEnum

Victima mismo actor

BushidoUK ToolMatrix Tools: Exfiltration

Indicadores de Compromiso (IOCs)

Tipo	Valor	Contexto	OSINT
Domain	cloud.google.com	Extraido del contenido	VT OffSec SOCRadar
Domain	www.cisa.gov	Extraido del contenido	VT OffSec SOCRadar
Domain	www.trendmicro.com	Extraido del contenido	VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor bushidouk en el blog → Ver bushidouk en IntelTracker → Fuente OSINT: github.com → Fuente OSINT: github.com → Buscar bushidouk en APTTrail → Repositorio APTTrail → Mas incidentes en United States → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog

← Volver al panel de inteligencia

Incidentes recientes