Skip to content

<<< Hide Navigation Hide TOC >>>

MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5)

MultiLayer Wiper is wiper malware written in .NET associated with Agrius operations. Observed samples of MultiLayer Wiper have an anomalous, future compilation date suggesting possible metadata manipulation.(Citation: Unit42 Agrius 2023)

Galaxy ColorsAttack Pat...Malware
Rows: 23
Loading extensions...
Collapse filters
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Cluster A Galaxy A Cluster B Galaxy B Level
Embedded Payloads - T1027.009 (0533ab23-3f7d-463f-9bd8-634d27e4dee1) Attack Pattern MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Disk Structure Wipe - T1561.002 (0af0ca99-357d-4ba1-805f-674fdfb7bef9) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware File and Directory Discovery - T1083 (7bc57495-ea59-4380-be31-a64af124ef18) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Scheduled Task - T1053.005 (005a06c6-14bf-4118-afa0-ebcd8aebb0c9) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Inhibit System Recovery - T1490 (f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a) Attack Pattern 1
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware 1
System Shutdown/Reboot - T1529 (ff73aa03-0090-4464-83ac-f89e233c02bc) Attack Pattern MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Clear Windows Event Logs - T1070.001 (6495ae23-3ab4-43c5-a94f-5638a2c31fd2) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Data Destruction - T1485 (d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern 1
MultiLayer Wiper - S1135 (663d7dee-5a47-459e-a5ef-e850a94a8ee5) Malware Timestomp - T1070.006 (47f2d673-ca62-47e9-929b-1b0be9657611) Attack Pattern 1
Embedded Payloads - T1027.009 (0533ab23-3f7d-463f-9bd8-634d27e4dee1) Attack Pattern Obfuscated Files or Information - T1027 (b3d682b6-98f2-4fb0-aa3b-b4df007ca70a) Attack Pattern 2
Disk Structure Wipe - T1561.002 (0af0ca99-357d-4ba1-805f-674fdfb7bef9) Attack Pattern Disk Wipe - T1561 (1988cc35-ced8-4dad-b2d1-7628488fa967) Attack Pattern 2
Scheduled Task - T1053.005 (005a06c6-14bf-4118-afa0-ebcd8aebb0c9) Attack Pattern Scheduled Task/Job - T1053 (35dd844a-b219-4e2b-a6bb-efa9a75995a9) Attack Pattern 2
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern Disable or Modify Tools - T1562.001 (ac08589e-ee59-4935-8667-d845e38fe579) Attack Pattern 2
Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern File Deletion - T1070.004 (d63a3fb8-9452-4e9d-a60a-54be68d5998c) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern Clear Windows Event Logs - T1070.001 (6495ae23-3ab4-43c5-a94f-5638a2c31fd2) Attack Pattern 2
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) Attack Pattern Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern Timestomp - T1070.006 (47f2d673-ca62-47e9-929b-1b0be9657611) Attack Pattern 2