General
-
Target
pim_installmgr_mathcad.exe
-
Size
33.0MB
-
Sample
240404-z54vtaaf3s
-
MD5
ba92d786191918c27deb99f33a9dbd90
-
SHA1
ac1a51b8f00166aeb4321991b59572af3824479f
-
SHA256
d3e45a2072e77088eae79f771e6d51af30ff9d3154be2f462f788f28d6f1855a
-
SHA512
cd0ccbde433568f15aab092648658b2ebd075ed0343ceea02782aaa357c995727a84ace1c08a2c4ff74b12b37b71ca91c7be70acd41befb035cdfde9b3ccb6ac
-
SSDEEP
786432:pY8sAt94hfMAknhrAXc0C5hZqigOtJsZWZPSsPhmjVt:68sA0eAcrAX/C5bjtSCPXJm7
Static task
static1
Behavioral task
behavioral1
Sample
pim_installmgr_mathcad.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
pim_installmgr_mathcad.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
pim_installmgr_mathcad.exe
-
Score
6/10
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
Install Root Certificate: 1