How to remove “Trojan.Spy.Delf.OCT”?

Trojan.Spy.Delf.OCT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Spy.Delf.OCT virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.Spy.Delf.OCT?


File Info:

name: A2194D0F405E8F782A54.mlw
path: /opt/CAPEv2/storage/binaries/201ff8114d2ff3e40122465aeeb787d92c76d9c29be55dbbea918337967a3ddc
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Trojan.Spy.Delf.OCT also known as:

Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.Spy.Delf.OCT
CAT-QuickHeal: VirTool.DelfInject.X
ALYac: Trojan.Spy.Delf.OCT
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005190001 )
K7GW: Trojan ( 005190001 )
CrowdStrike: win/malicious_confidence_100% (W)
Baidu: Win32.Trojan.Delf.ae
VirIT: Trojan.Win32.Generic.AYFL
Cyren: W32/DelfInject.A.gen!Eldorado
Symantec: SMG.Heur!gen
ESET-NOD32: Win32/Delf.NPC
APEX: Malicious
ClamAV: Win.Trojan.Delf-7615762-0
Kaspersky: Trojan-Spy.Win32.Dibik.enb
BitDefender: Trojan.Spy.Delf.OCT
NANO-Antivirus: Trojan.Win32.Dibik.icchqw
Avast: Win32:Agent-AXJS [Trj]
Tencent: Trojan.Win32.Spy.tfs
Ad-Aware: Trojan.Spy.Delf.OCT
Sophos: ML/PE-A + Mal/SpyAgent-F
Comodo: TrojWare.Win32.Trojan.Agent.Gen@1e80l9
DrWeb: BackDoor.Myfun
Zillya: Trojan.Dibik.Win32.456
TrendMicro: TROJ_SASFIS.CG
McAfee-GW-Edition: BackDoor-DOQ.gen.w
FireEye: Generic.mg.a2194d0f405e8f78
Emsisoft: Trojan.Spy.Delf.OCT (B)
Ikarus: Packed.Win32.PePatch
Jiangmin: Trojan/Agent.dbwr
Avira: BDS/Backdoor.Gen
MAX: malware (ai score=82)
Kingsoft: Win32.Troj.Sasfis.(kcloud)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Spy.Delf.OCT
ViRobot: Trojan.Win32.Sasfis.126976.B[UPX]
GData: Trojan.Spy.Delf.OCT
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Sasfis.C69117
McAfee: Artemis!A2194D0F405E
TACHYON: Trojan-Spy/W32.DP-Dibik.124928
VBA32: BScope.TrojanSpy.Dibik
TrendMicro-HouseCall: TROJ_SASFIS.CG
Rising: Trojan.Generic@AI.99 (RDMK:cmRtazq5aomWJzwSDKSgbDrRAvrI)
Yandex: Trojan.GenAsa!+CjNPD3V1zo
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Injector.fam!tr
BitDefenderTheta: AI:Packer.7389192419
AVG: Win32:Agent-AXJS [Trj]
Cybereason: malicious.f405e8
Panda: Trj/Genetic.gen

How to remove Trojan.Spy.Delf.OCT?

Trojan.Spy.Delf.OCT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.