Diavol

Description

(Fortinet) As part of a rather unique encryption procedure, Diavol operates using user-mode Asynchronous Procedure Calls (APCs) without a symmetric encryption algorithm. Usually, ransomware authors aim to complete the encryption operation in the shortest amount of time. Asymmetric encryption algorithms are not the obvious choice as they significantly slower than symmetric algorithms.

Names

Name
Diavol

Type

Ransomware
Big Game Hunting

Information

https://www.fortinet.com/blog/threat-research/diavol-new-ransomware-used-by-wizard-spider
https://www.speartip.com/resources/speartip-finds-new-diavol-ransomware-does-steal-data/
https://securityintelligence.com/posts/analysis-of-diavol-ransomware-link-trickbot-gang/
https://www.binarydefense.com/threat_watch/new-ransomware-diavol-being-dropped-by-trickbot/
http://www.ic3.gov/Media/News/2022/220120.pdf

Mitre Attack

https://attack.mitre.org/software/S0659/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.diavol

Playbook

https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-trickbot-gangs-diavol-ransomware/

Other Information

Uuid

f25de7f3-032f-491e-90a0-4f1c5bcc7738

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

Diavol

Diavol

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Playbook

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks