Egregor - Ransomware

Egregor ransomware exfiltrates sensitive information before encrypting files and gives the victim three days to contact the threat actor or the stolen data will be posted online. The malicious software is a variant of the Sekhmet ransomware family and uses multiple techniques to bypass defense measures including obfuscation, software packing, and sandbox evasion. The ransom note reports the actor is willing to provide security recommendations to the victim to avoid being breached again.