ThreatIntel: TheDFIRReportGroups.md
Resource from the BushidoUK Ransomware Tool Matrix - ThreatIntel.
The DFIR Report Threat Groups
> [!IMPORTANT]
> The threat groups mentioned in other files in this repository are highlighted in the following list from The DFIR Report. It was important to use this list of publicly available reports as the main source so that the research can be independently peer reviewed.
| Most Recent Publication | Ransomware/Extortionist | Report |
|---|---|---|
| 28 April 2025 | Fog | Navigating Through The Fog |
| 31 March 2025 | BlackSuit | Fake Zoom Ends in BlackSuit Ransomware |
| 26 August 2024 | BlackSuit | BlackSuit Ransomware |
| 10 June 2024 | BlackCat (ALPHV) | IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment |
| 29 April 2024 | Dagon Locker | From IcedID to Dagon Locker Ransomware in 29 Days |
| 1 April 2024 | Nokoyawa | From OneNote to RansomNote: An Ice Cold Intrusion / IcedID Macro Ends in Nokoyawa Ransomware |
| 29 January 2024 | Trigona | Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours |
| 25 September 2023 | Hive | From ScreenConnect to Hive Ransomware in 61 hours |
| 3 April 2023 | Quantum | Malicious ISO File Leads to Domain Wide Ransomware / Quantum Ransomware |
| 4 April 2022 | Conti | Stolen Images Campaign Ends in Conti Ransomware / BazarLoader to Conti Ransomware in 32 Hours / BazarCall to Conti Ransomware via Trickbot and Cobalt Strike / Conti Ransomware |
| 13 December 2021 | Diavol | Diavol Ransomware |
| 18 October 2021 | XingLocker | IcedID to XingLocker Ransomware in 24 hours |
| 29 March 2021 | REvil | Sodinokibi (aka REvil) Ransomware |
| 23 November 2020 | PYSA | PYSA/Mespinoza Ransomware |
| 5 November 2020 | Ryuk | Ryuk Speed Run, 2 Hours to Ransom / Ryuk in 5 Hours / Ryuk's Return |
| 31 August 2020 | NetWalker | NetWalker Ransomware in 1 Hour |
| 21 June 2020 | Snatch | Snatch Ransomware |
| 4 April 2020 | GoGoogle | GoGoogle Ransomware |