# Copyright (c) 2014-2023 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: prolock

# Reference: https://www.cybereason.com/blog/cybereason-vs-egregor-ransomware
# Reference: https://otx.alienvault.com/pulse/5fbed263fa9e196c722eff7a

http://185.238.0.233
http://45.153.242.129
http://49.12.104.241
49.12.104.241:81
egregor.top
egregor4u5ipdzhv.onion
o3n4bhhtybbtwqqs.onion

# Reference: https://twitter.com/JAMESWT_MHT/status/1329783380305653767
# Reference: https://bazaar.abuse.ch/sample/cb76c19c178a71a5115ee308b51de416255de06d4e8226fdda8e59275a519c14/
# Reference: https://www.virustotal.com/gui/file/cb76c19c178a71a5115ee308b51de416255de06d4e8226fdda8e59275a519c14/detection
# Reference: https://www.virustotal.com/gui/file/255e2f5a73623eeada2438de7fe335e2ff3d3e56038da9d457d53770c6f62dba/detection
# Reference: https://www.virustotal.com/gui/ip-address/8.208.96.47/relations

egregorwiki.top
newsegregor.top
wikiegregor.top

# Reference: https://areteir.com/wp-content/uploads/2021/01/01182021_Egregor_Insight.pdf
# Reference: https://otx.alienvault.com/pulse/60146fd59c6b2bfdcd615572/

http://49.12.104.241
185.238.0.241:81
49.12.104.241:81

# Reference: https://www.hackplayers.com/2021/02/sitios-cibercriminales-deepweb.html

egregoranrmzapcv.onion
msaoyrayohnp32tcgwcanhjouetb5k54aekgnwg7dcvtgtecpumrxpqd.onion