58391d8d0ac886ff85b5dee6d7af201d59eb749aeabe269167bad2138f8b953d | Triage

Submit
Reports

Overview

overview

5

Static

static

1

csrss/hZGHauLX.ps1

windows7-x64

5

csrss/hZGHauLX.ps1

windows10-2004-x64

1

Resubmissions

17/04/2023, 16:26

230417-txja9afb49 5

17/04/2023, 16:22

230417-tvkrasfb43 5

Sharing

Copy URL Twitter E-mail

General

Target

csrss.zip
Size

34KB
Sample

230417-txja9afb49
MD5

96612e1a5ac61386cdedb8afaafb9e4a
SHA1

4d51d00d27ec3b45d6a7de9d804d3ae996bf50d5
SHA256

58391d8d0ac886ff85b5dee6d7af201d59eb749aeabe269167bad2138f8b953d
SHA512

5e31e8471b96c65dff95bc15faad6a37e53111814f126c8ae19551d1a94e3fa68de9fd56ee928eef8da9f0e599acb61d2db6a814ada4157d0ab2db1157d4a600
SSDEEP

768:T2Ur2INUVTyn3yZHrUUC4rFQWVe7UK7LGQm1gqhLKMj8c/ffDyX6tK8ZU:TprqTtN68uWco4qpL5VOKw82

Score

5^/10

Static task

static1

Behavioral task

behavioral1

Sample

csrss/hZGHauLX.ps1

Resource

win7-20230220-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

csrss/hZGHauLX.ps1

Resource

win10v2004-20230221-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  csrss/hZGHauLX.ps1
- Size
  
  1KB
- MD5
  
  72c3ba0109d7ed3af665ff62c02bf328
- SHA1
  
  5a9977acbd58879ed6737808f49cd4c7cc1390d7
- SHA256
  
  6f7ff0e3ef6bc3ed1c3c5032f425762e2820923652d94a9b7dd5b50018b6442b
- SHA512
  
  d8054e33e94c050b75adb501e6be0b53e7ae385191f1e8cd86ed91eb6ab373c19dffc5f82ae6daf94986ba1690197357d90b506d130b8a70c05df93b589d4baa
Score

5^/10
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy