Skip to content

Hide Navigation Hide TOC

Downdelph (837a295c-15ff-41c0-9b7e-5f2fb502b00a)

Downdelph is a lightweight downloader developed in the Delphi programming language. As we already mentioned in our white paper, its period of activity was from November 2013 to September 2015 and there have been no new variants seen since.

Cluster A Galaxy A Cluster B Galaxy B Level
Downdelph (837a295c-15ff-41c0-9b7e-5f2fb502b00a) Tool Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 1
Downdelph (837a295c-15ff-41c0-9b7e-5f2fb502b00a) Tool Downdelph (e6a077cb-42cc-4193-9006-9ceda8c0dff2) Malpedia 1
Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware Bypass User Account Control - T1548.002 (120d5519-3098-4e1c-9191-2aa61232f073) Attack Pattern 2
Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware Junk Data - T1001.001 (f7c0689c-4dbd-489b-81be-7cb7c7079ade) Attack Pattern 2
Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) Attack Pattern Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware Symmetric Cryptography - T1573.001 (24bfaeba-cb0d-4525-b3dc-507c77ecec41) Attack Pattern 2
Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) Attack Pattern 2
Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware Downdelph (e6a077cb-42cc-4193-9006-9ceda8c0dff2) Malpedia 2
Bypass User Account Control - T1548.002 (120d5519-3098-4e1c-9191-2aa61232f073) Attack Pattern Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) Attack Pattern 3
Data Obfuscation - T1001 (ad255bfe-a9e6-4b52-a258-8d3462abe842) Attack Pattern Junk Data - T1001.001 (f7c0689c-4dbd-489b-81be-7cb7c7079ade) Attack Pattern 3
Encrypted Channel - T1573 (b8902400-e6c5-4ba2-95aa-2d35b442b118) Attack Pattern Symmetric Cryptography - T1573.001 (24bfaeba-cb0d-4525-b3dc-507c77ecec41) Attack Pattern 3
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) Attack Pattern DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) Attack Pattern 3