← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Shanya: The Silent Engine Behind Modern Stealth Attacks
WHITE CODERED_VTA 2025-12-09 Modified: 2025-12-09
37
IOCs
MEDIUM VOLUME
The full text of Shanya EDR killer post, compiled by Sophieos.com, on 1 December 2016, as part of a series of articles on the security threat posed by the Russian state.
edr killerdll versionearlyseendownload serverindicatortypedataindicatorsshanya edrshanyafigureopenssophosheartcryptstealcdll nameakiraaprilcryptautoruntelegrambumblebeecopyaugustqilincrytoxscreenbluesky
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Akira
Indicators of Compromise (37)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 17e13b559e8130e43dcbda8e26ec6351 MD5 of 2647c28b0967b7923d7c857fa1bdc7687d8f816f9dc4906c6a6f66f687a6419a 2025-12-09
FileHash-MD5 247890c8e1787f3836a9085244b70e83 MD5 of 6645297a0a423564f99b9f474b0df234d6613d04df48a94cb67f541b8eb829d1 2025-12-09
FileHash-MD5 291aa9f17d170ee9ca027c16d4acfaf9 MD5 of 65de909d70e361d611d00a944ea094c385467777ffc053c96aafa04c795fdc90 2025-12-09
FileHash-MD5 29236d33201697a40042b3325414c593 MD5 of 59906b022adfc6f63903adbdbb64c82881e0b1664d6b7f7ee42319019fcb3d7e 2025-12-09
FileHash-MD5 34fe39190f861681e61a46fe8162d3bc MD5 of 087216ee05746cc264752b0623dc6a1e32cddc0ca088832672e6dd356d394393 2025-12-09
FileHash-MD5 3fd73115a166157e731e8b538155ab4f MD5 of 5b7b280b53ff3cf95ead4fd4a435cd28294c5fce6a924ec52e500a109deb868b 2025-12-09
FileHash-MD5 54de95cc33834a2f877ba4842860af27 MD5 of 95a6f6e79c1842cea3603df3209fddc12aeb4fc77d1c58a852f877b1eaa9c4c9 2025-12-09
FileHash-MD5 b1a5c56edf70f327d7c7dbff3d861a94 MD5 of 2bfb560c7b34a2b4c30db711900d6e56d86f754f4fbeebe551b8c67bc30a2b36 2025-12-09
FileHash-SHA1 127b50c8185986a52ae66bf6e7e67a6fd787c4fc SHA1 of 95a6f6e79c1842cea3603df3209fddc12aeb4fc77d1c58a852f877b1eaa9c4c9 2025-12-09
FileHash-SHA1 241dd3ffbafb0d15876504710fcaaa807d2c03c8 SHA1 of 59906b022adfc6f63903adbdbb64c82881e0b1664d6b7f7ee42319019fcb3d7e 2025-12-09
FileHash-SHA1 54a3e9a0b1822bba5a3d5be96f9c00c5cc9cd244 SHA1 of 2647c28b0967b7923d7c857fa1bdc7687d8f816f9dc4906c6a6f66f687a6419a 2025-12-09
FileHash-SHA1 58995a6c6042ed15f765a11160690c45f76f8271 2025-12-09
FileHash-SHA1 5cb0e22b625db7daa9690245d57989c21ab43b27 SHA1 of 65de909d70e361d611d00a944ea094c385467777ffc053c96aafa04c795fdc90 2025-12-09
FileHash-SHA1 83317a42290ef8577e1980dc6085ab789dcc0c8f 2025-12-09
FileHash-SHA1 a3bdb419703a70157f2b7bd1dc2e4c9227dd9fe8 SHA1 of 5b7b280b53ff3cf95ead4fd4a435cd28294c5fce6a924ec52e500a109deb868b 2025-12-09
FileHash-SHA1 aebd71337ad1e95c38eb7a07beb498e1c7d6e8bf SHA1 of 2bfb560c7b34a2b4c30db711900d6e56d86f754f4fbeebe551b8c67bc30a2b36 2025-12-09
FileHash-SHA1 cb6d7a35e917322401558aed727289423f384876 SHA1 of 087216ee05746cc264752b0623dc6a1e32cddc0ca088832672e6dd356d394393 2025-12-09
FileHash-SHA1 df86c01f54636d72e18044f99a9694c82a819946 SHA1 of 6645297a0a423564f99b9f474b0df234d6613d04df48a94cb67f541b8eb829d1 2025-12-09
FileHash-SHA256 087216ee05746cc264752b0623dc6a1e32cddc0ca088832672e6dd356d394393 2025-12-09
FileHash-SHA256 2647c28b0967b7923d7c857fa1bdc7687d8f816f9dc4906c6a6f66f687a6419a 2025-12-09
FileHash-SHA256 2bfb560c7b34a2b4c30db711900d6e56d86f754f4fbeebe551b8c67bc30a2b36 2025-12-09
FileHash-SHA256 59906b022adfc6f63903adbdbb64c82881e0b1664d6b7f7ee42319019fcb3d7e 2025-12-09
FileHash-SHA256 5b7b280b53ff3cf95ead4fd4a435cd28294c5fce6a924ec52e500a109deb868b 2025-12-09
FileHash-SHA256 605f9e0e1cd48d21280bfaa8101a621bdf27a87286370b8d2b34e9c0b974fbde 2025-12-09
FileHash-SHA256 65de909d70e361d611d00a944ea094c385467777ffc053c96aafa04c795fdc90 2025-12-09
FileHash-SHA256 6645297a0a423564f99b9f474b0df234d6613d04df48a94cb67f541b8eb829d1 2025-12-09
FileHash-SHA256 95a6f6e79c1842cea3603df3209fddc12aeb4fc77d1c58a852f877b1eaa9c4c9 2025-12-09
FileHash-SHA256 9b4c960df76257b56a2f52cd2c938b76ec64f46cc86f6112db349f9aa02bb323 2025-12-09
FileHash-SHA256 9fc1fd3d5e303cd20f75d2df4500c22627ad7125cca5ea5e9f7d76362d155823 2025-12-09
FileHash-SHA256 aad15de62b4196390c062e831d69365e44af23ca56d4778bd5bc086720fc2912 2025-12-09
FileHash-SHA256 b33570f16763f9b5d0f265baf0b565238d7b8f522d37340c890d059d9f9ff4dd 2025-12-09
FileHash-SHA256 f548fb03a3834db7db437db837e0d23785e16a875199a1d7250a3c91390d934c 2025-12-09
URL http://biklkfd.com/upd 2025-12-09
URL http://biokdsl.com/upd 2025-12-09
domain biklkfd.com 2025-12-09
domain biokdsl.com 2025-12-09
URL http://biokdsl.com/upd' 2025-12-09
References (1)
↗ https://news.sophos.com/en-us/2025/12/06/inside-shanya-a-packer-as-a-service-fueling-modern-attacks/