4368e594f35a212fa9d375622671c8e6fbd026551647ae22d1bc8c2d65ae7a48 | Triage

Sharing

General

Target

csrss.exe.7z
Size

22KB
Sample

230627-meastsdg26
MD5

27bdf5778b160afb6ef7369eff8b704e
SHA1

6310f1437f28d6f8b3bcf93fc1ad8e578628396d
SHA256

4368e594f35a212fa9d375622671c8e6fbd026551647ae22d1bc8c2d65ae7a48
SHA512

35821831f912150f1b235308d30e5f7f236972fd78638b0203c9db89c97b6396453c822e8b92d00924b5fecf1bd46267e8cb3fc339eb6acb13ad83292ccae246
SSDEEP

384:PeX62US2ktnvAg5jrHkHqYWHN5inNi12xn0nFyH29pYL4tUyhdp4FspPMHCSr0Mt:2K81HgjQN0NTn0nkL4tUyEcPEz+aj

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  csrss.exe
- Size
  
  256KB
- MD5
  
  b7b5abdab834c62e2bd617c210de790c
- SHA1
  
  6a0a40ca451724b398506f0b5868843e10e8cfa3
- SHA256
  
  f5d1d7ecfe3f1d1a47bf5782fc89e3109abbf50c7c98f82191e83f82da379a29
- SHA512
  
  b4cf8fcec86146f05a5f5d45bd55253535867b53fdaf07b34a1169a4d9188b9c3c034735dc37c9845b98ac3d2c0e84b36f8aaeadc9387de50463da3a97ae5e64
- SSDEEP
  
  3072:jVMKsWKxlGxE07ABigCFHdLYyBvzyBHNGqXgvnHZyzi0zslLFU/FzKsR:h3sWKxQ52CFHdLYKvzyZNGX/IupI2s
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2