Skip to content

Hide Navigation Hide TOC

Downdelph (837a295c-15ff-41c0-9b7e-5f2fb502b00a)

Downdelph is a lightweight downloader developed in the Delphi programming language. As we already mentioned in our white paper, its period of activity was from November 2013 to September 2015 and there have been no new variants seen since.

Cluster A Galaxy A Cluster B Galaxy B Level
Downdelph (e6a077cb-42cc-4193-9006-9ceda8c0dff2) Malpedia Downdelph (837a295c-15ff-41c0-9b7e-5f2fb502b00a) Tool 1
Downdelph (837a295c-15ff-41c0-9b7e-5f2fb502b00a) Tool Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 1
Bypass User Account Control - T1548.002 (120d5519-3098-4e1c-9191-2aa61232f073) Attack Pattern Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) Attack Pattern Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add) Attack Pattern Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
Symmetric Cryptography - T1573.001 (24bfaeba-cb0d-4525-b3dc-507c77ecec41) Attack Pattern Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
Junk Data - T1001.001 (f7c0689c-4dbd-489b-81be-7cb7c7079ade) Attack Pattern Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
Downdelph (e6a077cb-42cc-4193-9006-9ceda8c0dff2) Malpedia Downdelph - S0134 (08d20cd2-f084-45ee-8558-fa6ef5a18519) Malware 2
Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) Attack Pattern Bypass User Account Control - T1548.002 (120d5519-3098-4e1c-9191-2aa61232f073) Attack Pattern 3
Hijack Execution Flow - T1574 (aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6) Attack Pattern DLL - T1574.001 (2fee9321-3e71-4cf4-af24-d4d40d355b34) Attack Pattern 3
Encrypted Channel - T1573 (b8902400-e6c5-4ba2-95aa-2d35b442b118) Attack Pattern Symmetric Cryptography - T1573.001 (24bfaeba-cb0d-4525-b3dc-507c77ecec41) Attack Pattern 3
Data Obfuscation - T1001 (ad255bfe-a9e6-4b52-a258-8d3462abe842) Attack Pattern Junk Data - T1001.001 (f7c0689c-4dbd-489b-81be-7cb7c7079ade) Attack Pattern 3