Apostle

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[Apostle](https://attack.mitre.org/software/S1133) is malware that has functioned as both a wiper and, in more recent versions, as ransomware. [Apostle](https://attack.mitre.org/software/S1133) is written in .NET and shares various programming and functional overlaps with [IPsec Helper](https://attack.mitre.org/software/S1132).(Citation: SentinelOne Agrius 2021)

Associated Techniques (10)

ID	ATT&CK	Tactics
T1053.005	Scheduled Task	-
T1057	Process Discovery	-
T1070.001	Clear Windows Event Logs	-
T1070.004	File Deletion	-
T1140	Deobfuscate/Decode Files or Information	-
T1480	Execution Guardrails	-
T1485	Data Destruction	-
T1486	Data Encrypted for Impact	-
T1529	System Shutdown/Reboot	-
T1561.001	Disk Content Wipe	-

Used by Actors (1)

Agrius
Unknown

Metadata

ID:	191
Created:	13/01/2026 17:48
Updated:	21/04/2026 16:00