# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://www.cybereason.com/blog/cybereason-vs-egregor-ransomware # Reference: https://otx.alienvault.com/pulse/5fbed263fa9e196c722eff7a http://185.238.0.233 http://45.153.242.129 http://49.12.104.241 49.12.104.241:81 egregor.top egregor4u5ipdzhv.onion o3n4bhhtybbtwqqs.onion # Reference: https://twitter.com/JAMESWT_MHT/status/1329783380305653767 # Reference: https://bazaar.abuse.ch/sample/cb76c19c178a71a5115ee308b51de416255de06d4e8226fdda8e59275a519c14/ # Reference: https://www.virustotal.com/gui/file/cb76c19c178a71a5115ee308b51de416255de06d4e8226fdda8e59275a519c14/detection # Reference: https://www.virustotal.com/gui/file/255e2f5a73623eeada2438de7fe335e2ff3d3e56038da9d457d53770c6f62dba/detection # Reference: https://www.virustotal.com/gui/ip-address/8.208.96.47/relations egregorwiki.top newsegregor.top wikiegregor.top