Egregor Ransomware is the successor of Maze Ransomware
and Sekhmet Ransomware
.Egregor ransomware allegedly compromise and steal data from more than 50 companies including the big fishes like Crytek, Ubisoft, Foxtons Group and Barnes and Noble. It latest victim is the Chilean retail giant Cencosud based. A new random extension is used for each file. A file marker of two DWORDs is used in EOF XOR'd together to a specific value to identify encrypted files.
Egregor Ransomware Signatures
Egregor Ransomware Download