Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed)

Megazord is a Rust-based variant of Akira ransomware that has been in use since at least August 2023 to target Windows environments. Megazord has been attributed to the Akira group based on overlapping infrastructure, though it is possibly not exclusive to the group.(Citation: CISA Akira Ransomware APR 2024)(Citation: Cisco Akira Ransomware OCT 2024)(Citation: Palo Alto Howling Scorpius DEC 2024)

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed) | Malware | Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) | Attack Pattern | 1 |
| Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed) | Malware | Data Encrypted for Impact - T1486 (b80d107d-fa0d-4b60-9684-b0433e8bdba0) | Attack Pattern | 1 |
| Service Stop - T1489 (20fb2507-d71c-455d-9b6d-6104461cf26b) | Attack Pattern | Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed) | Malware | 1 |
| Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) | Attack Pattern | Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed) | Malware | 1 |
| Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed) | Malware | Log Enumeration - T1654 (866d0d6d-02c6-42bd-aa2f-02907fdc0969) | Attack Pattern | 1 |
| Megazord - S1191 (4e762e29-3c56-4a2b-b205-c5890c0856ed) | Malware | File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) | Attack Pattern | 1 |
| Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) | Attack Pattern | Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) | Attack Pattern | 2 |