183f401f088cbb973633dbeeb16ded1326b7aa567acfc9de32855d5be14653ae | Triage

Submit
Reports

Overview

overview

9

Static

static

3

deluge-2.1...up.exe

windows10-2004-x64

9

Sharing

General

Target

deluge-2.1.1-win64-setup.exe
Size

37.6MB
Sample

230929-ye9spsed2s
MD5

4b1c4cfead927342414fa541fbe35150
SHA1

cf1b22a1c860139ccd647d186e315e800a893f02
SHA256

183f401f088cbb973633dbeeb16ded1326b7aa567acfc9de32855d5be14653ae
SHA512

4157ce2c4ce909fe2705b4fa4a5221d9cabc668042b5b5c4d6484d731e44a40cb4278c234fcffc8f514dc8b35c3ffb193668b2dc48d5e17be847a012b278c483
SSDEEP

786432:UiL/yP5lMDmYZc37w1HsDt7vpwlRiFO4pFrM+4fKr1ASDsIZN+DH7Qz2I5kUhEI9:UirwQm9U1HMt1i4pFrM+4fE1AS4u+DHc

Score

9^/10

discovery pyinstaller

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

deluge-2.1.1-win64-setup.exe

Resource

win10v2004-20230915-en

discovery pyinstaller

windows10-2004-x64

22 signatures

1800 seconds

Malware Config

Targets

- Target
  
  deluge-2.1.1-win64-setup.exe
- Size
  
  37.6MB
- MD5
  
  4b1c4cfead927342414fa541fbe35150
- SHA1
  
  cf1b22a1c860139ccd647d186e315e800a893f02
- SHA256
  
  183f401f088cbb973633dbeeb16ded1326b7aa567acfc9de32855d5be14653ae
- SHA512
  
  4157ce2c4ce909fe2705b4fa4a5221d9cabc668042b5b5c4d6484d731e44a40cb4278c234fcffc8f514dc8b35c3ffb193668b2dc48d5e17be847a012b278c483
- SSDEEP
  
  786432:UiL/yP5lMDmYZc37w1HsDt7vpwlRiFO4pFrM+4fKr1ASDsIZN+DH7Qz2I5kUhEI9:UirwQm9U1HMt1i4pFrM+4fE1AS4u+DHc
Score

9^/10

discovery pyinstaller
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Contacts a large (1164) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Network Service Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypyinstaller

© 2018-2025

Terms | Privacy