Delta.exe

Status: finished

Submission Time: 2024-10-21 21:47:11 +02:00

Malicious

Trojan

Evader

Comments

Details

Analysis ID:
1538845
API (Web) ID:
1538845
Analysis Started:

2024-10-21 21:47:12 +02:00
Analysis Finished:

2024-10-21 21:57:09 +02:00
MD5:
774ffee84d8e760761b8819edd2bc252
SHA1:
74ff2bcc3baf64790181b97dc09ab951d9440379
SHA256:
3c2cbcfb0dc0b92e1a0f15e725a1f8c4756a990e298098d94087cdd3fd491758
Technologies:

Engines
IOCs

Joe Sandbox

Download Report	Detection	Info
	malicious
Full Report Management Report IOC Report	malicious Score: 64	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Full Report Management Report IOC Report	malicious Score: 64	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 Run Condition: Run with higher sleep bypass

Third Party Analysis Engines

malicious

Score: 24/38

URLs

Name	Detection
https://www.jetbrains.comhttps://www.jetbrains.comThis
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLCopyright
http://defaultcontainer/xwindow.xamld
Click to see the 67 hidden entries
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLJetBrains
http://foo/xwindow.xaml
http://upx.sf.net
https://gitlab.com/littlekiller2927/deltacore/-/raw/main/discinvite
http://fontello.com
http://icsharpcode.net/sharpdevelop/avalonedit
http://www.fontisto.com
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsExtraBold
https://github.com/itfoundry/Poppins)PoppinsItalicITFO;
http://www.kenangundogan.comhttp://www.kenangundogan.comMITMIThttps://opensource.org/licenses/mit-li
http://fontello.comMaterial
https://scriptblox.com
https://github.com/JetBrains/JetBrainsMonoNL)JetBrains
https://github.com/itfoundry/Poppins)PoppinsBoldITFO;
https://github.com/JulietaUla/Montserrat)Montserrat
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLWeightWidthUltraCondensed
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsSemiBold
https://github.com/itfoundry/Poppins)Poppins
https://github.com/lxnnydev/DeltaHosting/raw/main/Rbx_Error_Fix.exe
http://icsharpcode.net/sharpdevelop/avaloneditture=neutral
http://foo/bar/assets/imgs/starryblues.png
http://foo/bar/assets/imgs/owo.png
http://foo/Assets/Imgs/starryblues.pngd
http://www.cyreal.org
http://foo/bar/xwindow.bamld
http://foo/bar/assets/imgs/starryblues.pngd
http://fonts.google.comhttp://www.levien.com
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsExtraLight
https://gitlab.com/littlekiller2927/deltacore/-/raw/main/deltaversion
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsLight
https://cdn.discordapp.com/attachments/1041093775671435335/1048686669634752512/rbxfpsunlocker.exe
https://github.com/cyrealtype/Inconsolata)InconsolataRegular3.001;CYRE;Inconsolata-RegularInconsolat
https://github.com/JulietaUla/Montserrat)MontserratSemiBold7.200;ULA
https://fontawesome.comhttps://fontawesome.comFont
https://www.jetbrains.comThis
http://defaultcontainer/xwindow.xaml
http://defaultcontainer/Delta;component/Assets/Imgs/starryblues.png
http://defaultcontainer/Delta;component/Assets/Imgs/starryblues.pngd
https://scriptblox.com/api/script/search?q=
http://foo/xwindow.xamld
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsMedium
http://www.levien.com
https://discord.gg/
http://foo/Assets/Imgs/owo.pngd
http://appsforartists.comThis
http://foo/bar/xwindow.baml
http://defaultcontainer/Delta;component/Assets/Imgs/owo.png
https://gitlab.com/littlekiller2927/deltacore/-/raw/main/deltathemes.json
https://delta-documentation.gitbook.io/delta-error-fixes/error-fixes/access-is-denied
http://defaultcontainer/Delta;component/Assets/Imgs/owo.pngd
http://www.kenangundogan.com
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsBlack
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFL
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
https://github.com/itfoundry/Poppins)PoppinsRegularITFO;
https://scripts.sil.org/OFLhttps://scripts.sil.org/OFLPoppinsThin
https://indiantypefoundry.comThis
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLMontserratSemiBold
https://scriptblox.com/api/script/
http://foo/Assets/Imgs/owo.png
http://foo/bar/assets/imgs/owo.pngd
https://github.com/JetBrains/JetBrainsMono)JetBrains
https://opensource.org/licenses/mit-license.html
https://fontawesome.com
http://foo/Assets/Imgs/starryblues.png
http://www.zkysky.com.ar/http://www.zkysky.com.ar/This
https://github.com/itfoundry/Poppins)PoppinsBold

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Delta.exe_75f3cc91b28318df2af771124ee3f2ec9f777c_9ecb6a98_b03832f1-9242-409a-82c1-15aec0700ae8\Report.wer	Unicode text, UTF-16, little-endian text, with CRLF line terminators	#

Deep Malware Analysis

Delta.exe

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

URLs

Dropped files

Deep Malware Analysis

Delta.exe Options

Comments

Tags

Available tags:

Details

Joe Sandbox

Third Party Analysis Engines

URLs

Dropped files

Search started

Delta.exe