Rewterz Threat Alert – Dridex Malware Spread via Malspam Campaign
August 23, 2021
Severity
High
Analysis Summary
Diavol is a ransomware family whose purpose is to encrypt the victim's data, using RSA encryption keys to do so. The code can prioritize which files to encrypt based on a pre-configured list of file extensions supplied by the attackers. On execution, Diavol collects system information such as the Windows version and network adapter details. It is distributed through spam emails, whose payloads deliver the ransomware alongside other malware in order to gain complete control of the machine.
Impact
- File Encryption
Indicators of Compromise
MD5
- e63a532d42b44ff73c1e1d4bda018657
SHA-256
- 5be4c5b4f62ae4c548e41a1e3336090b120e04087fa43b2c087889bf4d277f99
SHA-1
- bc302677c602e8c3cb81c3f4de2cd7f971e0f95f
Remediation
- Block the indicators listed above at your respective controls (email gateway, endpoint protection, proxy and firewall).
- Search for these IOCs in your environment. Note that a file hash only identifies one specific sample; a recompiled or repacked build will not match, so the absence of a hash match does not by itself clear a host.
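The hash sweep below is an added example of how to carry out the "search for IOCs" step; it is not code from the Rewterz alert. It loads the MD5, SHA-1 and SHA-256 indicators listed above (the algorithm is inferred from the hex length), hashes every readable file under a directory in a single pass, and reports any match. The `demo()` function constructs two harmless files in a temporary directory to show both a clean scan and a simulated hit; the file names and contents there are constructed for the demonstration and are not real samples.

```python
import hashlib
import os
import sys
import tempfile
from pathlib import Path

# Map a hex digest length to the algorithm that produces it.
HASH_ALGO_BY_LENGTH = {32: "md5", 40: "sha1", 64: "sha256"}


def load_iocs(lines):
    """Build {"md5": set(), "sha1": set(), "sha256": set()} from hash strings.

    Blank lines and '#' comments are ignored; anything that is not a
    32/40/64-character hex string raises ValueError so a typo in an IOC
    feed does not silently produce a hash that can never match.
    """
    iocs = {"md5": set(), "sha1": set(), "sha256": set()}
    for line in lines:
        h = line.strip().lower()
        if not h or h.startswith("#"):
            continue
        algo = HASH_ALGO_BY_LENGTH.get(len(h))
        if algo is None or any(c not in "0123456789abcdef" for c in h):
            raise ValueError(f"not a recognised hash: {line!r}")
        iocs[algo].add(h)
    return iocs


# Indicators published in this alert.
DIAVOL_IOCS = load_iocs([
    "e63a532d42b44ff73c1e1d4bda018657",                                  # MD5
    "bc302677c602e8c3cb81c3f4de2cd7f971e0f95f",                          # SHA-1
    "5be4c5b4f62ae4c548e41a1e3336090b120e04087fa43b2c087889bf4d277f99",  # SHA-256
])


def hash_file(path, chunk_size=1 << 20):
    """Compute MD5, SHA-1 and SHA-256 of a file in one pass over its bytes."""
    digests = {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def scan_for_iocs(root, iocs=DIAVOL_IOCS):
    """Walk `root` and return [(path, algorithm, digest)] for every IOC match.

    Files that cannot be read (locked, no permission, vanished mid-scan)
    are skipped rather than aborting the sweep.
    """
    matches = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                hashes = hash_file(path)
            except OSError:
                continue
            for algo, digest in hashes.items():
                if digest in iocs[algo]:
                    matches.append((path, algo, digest))
    return matches


def demo():
    """Constructed demonstration (no real malware involved).

    Returns (hits_against_alert_iocs, hits_against_simulated_ioc): the first
    list is empty because nothing here is the real sample; the second shows
    what a match looks like by adding one constructed file's own SHA-256 to
    a custom IOC set.
    """
    tmp = tempfile.mkdtemp(prefix="ioc_demo_")
    (Path(tmp) / "notes.txt").write_bytes(b"constructed benign content\n")
    suspect = Path(tmp) / "update.exe"
    suspect.write_bytes(b"constructed stand-in for a suspicious file\n")
    real_hits = scan_for_iocs(tmp)
    simulated = load_iocs([hash_file(suspect)["sha256"]])
    sim_hits = scan_for_iocs(tmp, simulated)
    return real_hits, sim_hits


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, algo, digest in scan_for_iocs(target):
        print(f"MATCH {algo} {digest} {path}")
```

Run it as `python ioc_sweep.py C:\Users` (or any path) on a host you want to check; each line of output names the matching file and the indicator it matched. Because the three digests are computed in one read of each file, the sweep costs the same as a single-hash scan.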