1 malware family

SRG

Also known asSRG

Are they targeting you?

Know when an actor pivots toward your sector

Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.

Start free trial

MITRE ATT&CK

Tradecraft

36 distinct techniques observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.

12 of 15 tactics40 techniques×N= number of intelligence reports citing this technique

MITRE ATT&CK

TA0043

Reconnaissance

1 technique

T1598×2

Phishing for Information

T1598.004×6

Spearphishing Voice

TA0042

Resource Development

1 technique

T1584

Compromise Infrastructure

T1584.005

Botnet

TA0001

Initial Access

6 techniques

T1078×7

Valid Accounts

T1091×5

Replication Through Removable Media

T1133×2

External Remote Services

T1199×2

Trusted Relationship

T1200×3

Hardware Additions

T1566×10

Phishing

T1566.001

Spearphishing Attachment

T1566.002

Spearphishing Link

T1566.003×3

Spearphishing via Service

T1566.004

Spearphishing Voice

TA0003

Persistence

2 techniques

T1078×7

Valid Accounts

T1133×2

External Remote Services

TA0004

Privilege Escalation

2 techniques

T1078×7

Valid Accounts

T1548×2

Abuse Elevation Control Mechanism

TA0005

Stealth

2 techniques

T1036

Masquerading

T1078×7

Valid Accounts

TA0007

Discovery

1 technique

T1580

Cloud Infrastructure Discovery

TA0008

Lateral Movement

2 techniques

T1021×5

Remote Services

T1091×5

Replication Through Removable Media

TA0009

Collection

4 techniques

T1005×3

Data from Local System

T1074×3

Data Staged

T1530

Data from Cloud Storage

T1560

Archive Collected Data

TA0011

Command and Control

4 techniques

T1090

Proxy

T1105

Ingress Tool Transfer

T1219×2

Remote Access Tools

T1568

Dynamic Resolution

T1568.001

Fast Flux DNS

TA0010

Exfiltration

4 techniques

T1048×3

Exfiltration Over Alternative Protocol

T1052×2

Exfiltration Over Physical Medium

T1052.001×2

Exfiltration over USB

T1537

Transfer Data to Cloud Account

T1567×2

Exfiltration Over Web Service

T1567.002×2

Exfiltration to Cloud Storage

TA0040

Impact

2 techniques

T1486×6

Data Encrypted for Impact

T1657×3

Financial Theft

ARSENAL

Associated malware families

1 malware family attributed to this actor across reporting.

FamilyContextEvidenceLast seen

ContiWaseem Ahmed, head of engineering at Secure.com, explained that SGR is a Conti offshoot now running pure data-theft extortion.1Jun 8, 2026

IOCS

Observables

226 indicators attributed to this actor: domains, IPs, hashes, and other artifacts pulled from reporting. View more in app.

226 IOCsView more in app

Domains

197 total

••••••.com•••••••.ru••••••••.com•••••••••.net••••••••••.com•••••••••••.ru••••••••••••.com••••••.ru+189

ip.v4

25 total

••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••+17

uri

3 total

•••••••••••••••••••••••••••

hash.md5

1 total

••••••••

IOC values are gated. View more in Mallory for domains, IPs, hashes, and other artifacts, or pipe them straight into your SIEM.

ACTIVITY FEED

Recent activity

No public activity tracked yet. Mallory keeps watching.

0 SOURCESView more in app

No public activity observed for this threat actor.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: sector and geo overlap with your footprint, the IOCs they’re burning right now, detection coverage, and what to do next.

Start free trial

Target overlap

Match sector + geo + tech-stack targeting against your real footprint.

Tradecraft mapping36

Every observed MITRE ATT&CK technique, grouped by tactic.

Malware arsenal1

Families this actor is known to deploy, with IOCs and behavior.

Exploited CVEs

CVEs this actor has used in known campaigns.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Observables226

Domains, IPs, and hashes tied to this actor, refreshed continuously.