Exaramel (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-02 12:36:25 UTC
elf.exaramel (Back to overview)
Exaramel
Actor(s): TeleBots
There is no description at this point.
References
2021-04-29 ⋅ ESET Research ⋅ Andy Garth, Daniel Chromek, Matthieu Faou, Robert Lipovsky, Tony Anscombe
ESET Industry Report on Government: Targeted but not alone
Exaramel Crutch Exaramel HyperBro HyperSSL InvisiMole XDSpy
2021-03-03 ⋅ DomainTools ⋅ Joe Slowik
Centreon to Exim and Back: On the Trail of Sandworm
Exaramel PAS
2021-02-16 ⋅ Twitter (@craiu) ⋅ Costin Raiu
Twitter thread on Exaramel Linux backdoor used by Russian Group Sandworm
Exaramel
2021-02-15 ⋅ Wired ⋅ Andy Greenberg
France Ties Russia's Sandworm to a Multiyear Hacking Spree
Exaramel Exaramel
2021-01-27 ⋅ CERT-FR ⋅ CERT-FR
Sandword Intrusion Set: Campaign Targeting Centreon Ssystems
Exaramel PAS Exaramel
2020-01-01 ⋅ Dragos ⋅ Joe Slowik
Threat Intelligence and the Limits of Malware Analysis
Exaramel Exaramel Industroyer Lookback NjRAT PlugX
2018-10-11 ⋅ ESET Research ⋅ Anton Cherepanov, Robert Lipovsky
New TeleBots backdoor: First evidence linking Industroyer to NotPetya
Exaramel EternalPetya Exaramel Industroyer
https://malpedia.caad.fkie.fraunhofer.de/details/elf.exaramel
Page 1 of 2

2017-05-31 ⋅ MITRE ⋅ MITRE ATT&CK
Sandworm Team
CyclopsBlink Exaramel BlackEnergy EternalPetya Exaramel GreyEnergy KillDisk MimiKatz Olympic
Destroyer Sandworm
There is no Yara-Signature yet.
Source: https://malpedia.caad.fkie.fraunhofer.de/details/elf.exaramel
https://malpedia.caad.fkie.fraunhofer.de/details/elf.exaramel
Page 2 of 2