Analysis
-
max time kernel
131s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20230621-en -
resource tags
-
submitted
27-06-2023 10:22
General
-
Target
csrss.exe
-
Size
256KB
-
MD5
b7b5abdab834c62e2bd617c210de790c
-
SHA1
6a0a40ca451724b398506f0b5868843e10e8cfa3
-
SHA256
f5d1d7ecfe3f1d1a47bf5782fc89e3109abbf50c7c98f82191e83f82da379a29
-
SHA512
b4cf8fcec86146f05a5f5d45bd55253535867b53fdaf07b34a1169a4d9188b9c3c034735dc37c9845b98ac3d2c0e84b36f8aaeadc9387de50463da3a97ae5e64
-
SSDEEP
3072:jVMKsWKxlGxE07ABigCFHdLYyBvzyBHNGqXgvnHZyzi0zslLFU/FzKsR:h3sWKxQ52CFHdLYKvzyZNGX/IupI2s
Score
6/10
Malware Config
Signatures
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops desktop.ini file(s) 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\csrss.exe"C:\Users\Admin\AppData\Local\Temp\csrss.exe"1⤵
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
256KB
-
Filesize
256KB