Apostle

Description

(SentinelLabs) One of the wipers used in the attack, dubbed ‘Apostle’, was later turned into a fully functional ransomware, replacing its wiper functionalities. The message inside it suggests it was used to target a critical, nation-owned facility in the United Arab Emirates. The similarity to its wiper version, as well as the nature of the target in the context of regional disputes, leads us to believe that the operators behind it are utilizing ransomware for its disruptive capabilities.

Names

Name
Apostle

Type

Wiper
Ransomware

Information

https://assets.sentinelone.com/sentinellabs/evol-agrius
https://www.sentinelone.com/labs/new-version-of-apostle-ransomware-reemerges-in-targeted-attack-on-higher-education/
https://www.sentinelone.com/wp-content/uploads/2021/05/SentinelLabs_From-Wiper-to-Ransomware-The-Evolution-of-Agrius.pdf
https://cyberpunkleigh.wordpress.com/2021/05/27/apostle-ransomware-analysis/

Mitre Attack

https://attack.mitre.org/software/S1133

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.apostle

Other Information

Uuid

8bce8d3a-ca82-4e2a-8fe3-87f4c2f83382

Last Card Change

2024-12-27

Threat Intelligence Garden

Explorer

Apostle

Apostle

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks