ade87ea876d4f52ecc1303c46aaa048211ed2f1a7ebf63ed08ee82a44c9fc90a | Triage

Analysis

max time kernel
119s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-03-2024 04:34

Sharing

Report Analysis Logs

General

Target

Pantheon OPTI/#STEP 2 ( MAIN UI ).bat
Size

2KB
MD5

217c51f006d0b1d34baa9c258b98a5c2
SHA1

a99b1bd9f5ba6eb2714e536ef628816c7fc85ee4
SHA256

433d0e62e064de952432a96e24b8d3ee4527137f633577159e7cdc5bbe76940e
SHA512

1a607fe0cc13760d7c25d7e56907d62dda85961affadf3ce08864d6f9400b2a893bb563a3ea31c624b569604e75216a9e587c282a8031ed5cf01cd84287cf8db

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2020 wrote to memory of 1188	2020	cmd.exe	29
PID 2020 wrote to memory of 1188	2020	cmd.exe	29
PID 2020 wrote to memory of 1188	2020	cmd.exe	29

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Pantheon OPTI\#STEP 2 ( MAIN UI ).bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:2020
- C:\Windows\system32\chcp.com
  chcp 65001
  2⤵
  PID:1188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads