EKANS
MITRE
Malware Type:
Other
Other
First seen:
Unknown
Unknown
Last seen:
Unknown
Unknown
Details:
[EKANS](https://attack.mitre.org/software/S0605) is ransomware variant written in Golang that first appeared in mid-December 2019 and has been used against multiple sectors, including energy, healthcare, and automotive manufacturing, which in some cases resulted in significant operational disruptions. [EKANS](https://attack.mitre.org/software/S0605) has used a hard-coded kill-list of processes, including some associated with common ICS software platforms (e.g., GE Proficy, Honeywell HMIWeb, etc), similar to those defined in [MegaCortex](https://attack.mitre.org/software/S0576).(Citation: Dragos EKANS)(Citation: Palo Alto Unit 42 EKANS)
Associated Techniques (9)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1016 | System Network Configuration Discovery | - |
| T1027 | Obfuscated Files or Information | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1047 | Windows Management Instrumentation | - |
| T1057 | Process Discovery | - |
| T1486 | Data Encrypted for Impact | - |
| T1489 | Service Stop | - |
| T1490 | Inhibit System Recovery | - |
| T1562.001 | Disable or Modify Tools | - |
Aliases (195)
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
SNAKEHOSE
Metadata
| ID: | 5 |
| Created: | 13/01/2026 17:48 |
| Updated: | 21/04/2026 04:00 |