Daniel Roberson - DOUBLEFANTASY

Daniel Roberson

DOUBLEFANTASY

0001-01-01

DOUBLEFANTASY is a POSIX-compliant, multiplatform malware written by the Equation Group.

https://toddcullumresearch.com/2017/04/13/equationgroup-doublefantasy-part-1/

https://malpedia.caad.fkie.fraunhofer.de/details/win.doublefantasy

https://twitter.com/Int2e_/status/1294565186939092994

https://securelist.com/equation-the-death-star-of-malware-galaxy/68750/

DEAD LINK https://fmnagisa.wordpress.com/2020/08/27/revisiting-equationgroups-fanny-worm-or-dementiawheel/

https://www.forcepoint.com/resources/podcast/replay-roided-out-sitting-duck-juan-andres-guerrero-saade

https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/

Links to this note

Recent Posts

Linux Hardening: SSH

2025-03-06 DFIR SSH hardening linux hardening SSH PAM

Linux Anti-Forensics: Timestomping

2025-03-05 DFIR linux anti-forensics

Finding Bad with Linux Package Managers

2025-03-03 DFIR linux persistence

Linux Persistence: Startup Scripts

2024-11-10 DFIR CTF linux persistence systemd SysV init startup script

Linux Persistence: Cron

2024-11-10 DFIR CTF linux persistence cron