{
	"id": "63a29936-6789-48b6-aa52-94698b932d73",
	"created_at": "2026-04-06T00:21:28.180417Z",
	"updated_at": "2026-04-10T03:20:39.321495Z",
	"deleted_at": null,
	"sha1_hash": "c8df17e0348261e3f712d3b36d046358019a1b5a",
	"title": "Rapport menaces et incidents - CERT-FR",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 37227,
	"plain_text": "Rapport menaces et incidents - CERT-FR\r\nArchived: 2026-04-05 18:13:45 UTC\r\nUne gestion de version détaillée se trouve à la fin de ce document.\r\nFrench version:\r\nActive since September 2020, the Egregor ransomware is currently being used in Big Game Hunting operations.\r\nPart of the Sekhmet malware family, Egregor is sometimes considered the successor to Maze. It is made available\r\nto various affiliates, explaining the different chains of infection reported. Trojans such as Qakbot, Ursnif and\r\nIcedID, can be used to deliver Egregor.\r\nThis report provides a synthesis of ANSSI’s knowledge on this malware.\r\nIndicators of compromise are available on the page CERTFR-2020-IOC-006.\r\nDOWNLOAD THE REPORT\r\nGestion détaillée du document\r\nle 02 mars 2021\r\nVersion initiale\r\nle 02 mars 2021\r\n-\r\nle 03 mars 2021\r\n-\r\nSource: https://www.cert.ssi.gouv.fr/cti/CERTFR-2021-CTI-007/\r\nhttps://www.cert.ssi.gouv.fr/cti/CERTFR-2021-CTI-007/\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.cert.ssi.gouv.fr/cti/CERTFR-2021-CTI-007/"
	],
	"report_names": [
		"CERTFR-2021-CTI-007"
	],
	"threat_actors": [],
	"ts_created_at": 1775434888,
	"ts_updated_at": 1775791239,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/c8df17e0348261e3f712d3b36d046358019a1b5a.pdf",
		"text": "https://archive.orkl.eu/c8df17e0348261e3f712d3b36d046358019a1b5a.txt",
		"img": "https://archive.orkl.eu/c8df17e0348261e3f712d3b36d046358019a1b5a.jpg"
	}
}