taurus_stealer | 847fa8413751c698b7cb1f258a4365d8e50915e4811fa916308f6b0e18cbc17d | Triage

Submit
Reports

Static

static

8

DOCUMENT FILE.exe

windows7_x64

DOCUMENT FILE.exe

windows10_x64

7

Sharing

General

Target

DOCUMENT FILE.exe
Size

360KB
Sample

210114-a8f678rs12
MD5

fbe426a8d46b433667c3a30f38c703ab
SHA1

bed53dc755559ecc8ed6a84f7efbe877937324de
SHA256

847fa8413751c698b7cb1f258a4365d8e50915e4811fa916308f6b0e18cbc17d
SHA512

8c22771d773da05bb36d0f4285c25b61157ad42c044d6029f98103b755b5567b2964d225fd18d9d0295bb25a002ba8c9dec9a9567862822ced0ea108f26c8956

Score

10^/10

taurus_stealer discovery spyware stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

DOCUMENT FILE.exe

Resource

win7v20201028

taurus_stealer discovery spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DOCUMENT FILE.exe

Resource

win10v20201028

discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  DOCUMENT FILE.exe
- Size
  
  360KB
- MD5
  
  fbe426a8d46b433667c3a30f38c703ab
- SHA1
  
  bed53dc755559ecc8ed6a84f7efbe877937324de
- SHA256
  
  847fa8413751c698b7cb1f258a4365d8e50915e4811fa916308f6b0e18cbc17d
- SHA512
  
  8c22771d773da05bb36d0f4285c25b61157ad42c044d6029f98103b755b5567b2964d225fd18d9d0295bb25a002ba8c9dec9a9567862822ced0ea108f26c8956
Score

10^/10

taurus_stealer discovery spyware stealer trojan
- Taurus Stealer
  Taurus is an infostealer first seen in June 2020.
  trojan stealer taurus_stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

taurus_stealerdiscoveryspywarestealertrojan

behavioral2

discoveryspywarestealer

© 2018-2024

Terms | Privacy