General

  • Target: Pantheon_OPTI.rar
  • Size: 19KB
  • Sample: 240310-e686pscc34
  • MD5: 0a33ba0c6d26910eb362d2004364ea54
  • SHA1: 50fb8caf99a7b6c066fe39092f05239c7bfe26d6
  • SHA256: ade87ea876d4f52ecc1303c46aaa048211ed2f1a7ebf63ed08ee82a44c9fc90a
  • SHA512: 0aa8bb7b1252d650181bbc434aa4def0d9055b1f5d46d34867c634d0da9fca04b3bde68774af0e46abc5dbe5a7e0774fe51333ee2e3595b3911060c1b02e38ca
  • SSDEEP: 384:DpyJRhCutpCne+Nx89b4AykE7zkdIZdeFFPQbP8R7JkD4StN8rxqd89HRshcU:DIhCueZb89b4IE7z3d29QbP8RtU4CKje

Score: 10/10

Malware Config

Targets

  • Target: Pantheon OPTI/#STEP 1 ( INSTALL ).bat
    • Size: 219B
    • MD5: e38d3316a4024ac174d42e93978f0ac6
    • SHA1: 55bbc14e4f035b00d0ffd93ee8f78ba240912c96
    • SHA256: 27f8ceb3f2b70dc9a9bda00cbc67b1b75f601dd856409fc9ee4553a398b99b05
    • SHA512: 1bcac4d958f8124f583d3a9529e93cb3f9f29942d6ecb5b49c58e3e0b245c46353f281604ce22f26934e623562895de05f15f5e338b679b4ec78ac0e228f6105
    • Score: 8/10
      • Blocklisted process makes network request

  • Target: Pantheon OPTI/#STEP 2 ( MAIN UI ).bat
    • Size: 2KB
    • MD5: 217c51f006d0b1d34baa9c258b98a5c2
    • SHA1: a99b1bd9f5ba6eb2714e536ef628816c7fc85ee4
    • SHA256: 433d0e62e064de952432a96e24b8d3ee4527137f633577159e7cdc5bbe76940e
    • SHA512: 1a607fe0cc13760d7c25d7e56907d62dda85961affadf3ce08864d6f9400b2a893bb563a3ea31c624b569604e75216a9e587c282a8031ed5cf01cd84287cf8db
    • Score: 3/10

  • Target: Pantheon OPTI/ServiceEnabler ( DO IF NEEDED ).bat
    • Size: 223KB
    • MD5: c142b4540cc672b4d7984533fa2c9d8c
    • SHA1: bf31c1a5cc6e25978182319066a18925a4dce17d
    • SHA256: 3c2d6046bf772099ae8f94cb7ab60b86e950927da0a570fc0c4e3d6a3d5a9f14
    • SHA512: 846dffa2ce11be806fb4fecbe17dd7c8034006ac11d2dbc1bd41f252e9fc94f905a226dd3b4867eb97ef29cee12cedc6a7bb65dfd3a3e687ef734683aea385d5
    • SSDEEP: 768:EEoO+jjTtGiZQpZHSV6PkXl1cXAx5frBaRyCJnJzQltusqsqynwt50PRAbF/b2AL:EEob6SZBmNqYV+pHDc0gNAc3tFOU
    • Score: 10/10
      • UAC bypass
      • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks