General
-
Target
akemi-v2.2.3-hotfix.jar
-
Size
12.2MB
-
Sample
240921-vl5wjstdrl
-
MD5
d31d068522da9266f5e475a5abb016e7
-
SHA1
81b010126832e58c876456aabe566b2c9e9b3597
-
SHA256
9a670d2cc0fbc8c276ba1c4780fd1b82447afa1ed805bd4f4ab235a6a3c99e01
-
SHA512
798639b52b7c2e07fadc77511bd83d141ba312cbda120a222c3b41f152217799216256240f25e4da2a741b9047a1a2231f19cc96492e6fe7dbbd3324538a5e09
-
SSDEEP
196608:2kgXIQpBG18L1mDzqQxm/owp+V6dsFV7iONW0Rnrg64I5AIt7WHiL0W:2kFEA1aWEoS7dyWbI5AgCCN
Static task
static1
Behavioral task
behavioral1
Sample
akemi-v2.2.3-hotfix.jar
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
9/10
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-