Calendar of Updates

Information Resources & Product News => Security Information Center => Security & Technology News => Topic started by: Antus67 on September 23, 2018, 02:51:35 am

Title: Delphi Packer Looks for Human Behavior Before Deploying Payload
Post by: Antus67 on September 23, 2018, 02:51:35 am
BY:
Author: Tara Seals
September 21, 2018 3:45 pm

(https://media.threatpost.com/wp-content/uploads/sites/103/2018/03/26162808/Malware_Phishing_Attack.jpg)



Many different threat actors are using this crypting service/tool for their operations, possibly buying it from the developer itself.

As bad actors continue to innovate in the area of sandbox evasion, the use of the Delphi programming language to pack malware code has become more and more prevalent. Researchers recently observed several spam campaigns using a specific packer written in Delphi that goes to great lengths to hunt for normal user behavior before deploying its payload.

Delphi is a legitimate integrated development environment (IDE) for rapid application development of desktop, mobile, web and console software, developed by Embarcadero Technologies. FireEye researchers have observed bad actors using it to more easily write malware that leverages Windows API functions to create anti-sandbox features.

full article here:https://threatpost.com/delphi-packer-looks-for-human-behavior-before-deploying-payload/137609/ (https://threatpost.com/delphi-packer-looks-for-human-behavior-before-deploying-payload/137609/)