» csrss.exe
Overview
Analysis
File Details
Downloads (1)

csrss.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from lp8.bongacams24.com.

File name:

csrss.exe

MD5:

d3ac73ba56c349f31fdf6bf1b7807054

SHA-1:

8152b9eebc6b204c82e9d67b2d5648c402072a58

SHA-256:

fb98ae15d7ce34b52c5960f1f53891030163e0af363755010ec300ee71a63513

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/8/2025 4:55:51 PM UTC (today)

Scan engine

Detection

Engine version

McAfee

Trojan.Suspect-AN!D3AC73BA56C3

18.0.204.0

File size:

1.5 MB (1,556,916 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\windows\csrss.exe

File PE Metadata

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

2.24

CTPH (ssdeep):

24576:RG4gBNCRN7wQnybqpXj1c0fKTCF0apo/N8JsU3Aot+Ec0xMko6z5rJ9LH:RG4NTrybqpXj1c0fKTyE6z5rJ9LH

Entry address:

0x14D0

Entry point:

48, 83, EC, 28, C7, 05, A2, 0F, 0E, 00, 00, 00, 00, 00, E8, 5D, 39, 04, 00, E8, 98, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 48, 83, EC, 28, FF, 15, C6, 31, 0E, 00, 89, C0, 48, 83, C4, 28, C3, 66, 66, 66, 66, 66, 66, 2E, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 83, EC, 38, 48, 8D, 4C, 24, 20, FF, 15, D1, 31, 0E, 00, 48, 8B, 44, 24, 20, 48, 83, C4, 38, C3, 0F, 1F, 80, 00, 00, 00, 00, 48, 83, EC, 38, 48, 8D, 4C, 24, 20, FF, 15, B9, 31, 0E, 00, 48, 8B, 44, 24, 20, 48, 83, C4, 38, C3, 90, 90, 90, 90, 90, 90, 90... 
[+]

Code size:

563 KB (576,512 bytes)

The file csrss.exe has been seen being distributed by the following URL.

http://lp8.bongacams24.com/csrss.exe

Scan csrss.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.