Egregor
MITRE
Tipo Malware:
Other
Other
Prima attivita:
Unknown
Unknown
Ultima attivita:
Unknown
Unknown
Dettagli:
[Egregor](https://attack.mitre.org/software/S0554) is a Ransomware-as-a-Service (RaaS) tool that was first observed in September 2020. Researchers have noted code similarities between [Egregor](https://attack.mitre.org/software/S0554) and Sekhmet ransomware, as well as [Maze](https://attack.mitre.org/software/S0449) ransomware.(Citation: NHS Digital Egregor Nov 2020)(Citation: Cyble Egregor Oct 2020)(Citation: Security Boulevard Egregor Oct 2020)
Tecniche Associate (25)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1027.002 | Software Packing | - |
| T1033 | System Owner/User Discovery | - |
| T1036.004 | Masquerade Task or Service | - |
| T1039 | Data from Network Shared Drive | - |
| T1049 | System Network Connections Discovery | - |
| T1055 | Process Injection | - |
| T1059.001 | PowerShell | - |
| T1059.003 | Windows Command Shell | - |
| T1069.002 | Domain Groups | - |
| T1071.001 | Web Protocols | - |
| T1082 | System Information Discovery | - |
| T1105 | Ingress Tool Transfer | - |
| T1106 | Native API | - |
| T1124 | System Time Discovery | - |
| T1140 | Deobfuscate/Decode Files or Information | - |
Metadata
| ID: | 566 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |