taurus_stealer | 80616b96b75786c8f2d11eb715795f82554d29e8c56eede8526d2107dabb8ad6 | Triage

Submit
Reports

Overview

overview

Static

static

PO# PO2021020371N.exe

windows7_x64

PO# PO2021020371N.exe

windows10_x64

7

Sharing

General

Target

DHL Tracking info_AWB NO.cab
Size

210KB
Sample

210301-daztwzrmax
MD5

77c3a27813fd93ebb201d65ea4dffa69
SHA1

dfc44dec88197f16ee89deee1532b0496d15f05d
SHA256

80616b96b75786c8f2d11eb715795f82554d29e8c56eede8526d2107dabb8ad6
SHA512

15a175ee61a115ee32bb52d0388b460b4a795615b7d502a7bf0c23d36fc4b78e19b61e5d8b5e3e8c00884349f7d6a6565f06756f8bd0a4e352c43e37b9bd1132

Score

10^/10

taurus_stealer discovery spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PO# PO2021020371N.exe

Resource

win7v20201028

taurus_stealer discovery spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PO# PO2021020371N.exe

Resource

win10v20201028

discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PO# PO2021020371N.exe
- Size
  
  291KB
- MD5
  
  ce29efcf5510c0a9dcb38f62d50a5e8b
- SHA1
  
  eb9a28d284303663ab5bbbab9e8cc7db88cf7a2f
- SHA256
  
  9bec30afd640d68be28fef4e6b5abcc14d90b2c7293d7709619b8f9b9e685b7e
- SHA512
  
  dee3945c894c586f1a4d42581796e1ce257cc5ec8a98368de391d664328ac7318163aff9edcd5eac9b9ab4c3b3407c2448add2d07b3863a74f513bf0541a77aa
Score

10^/10

taurus_stealer discovery spyware stealer trojan
- Taurus Stealer
  Taurus is an infostealer first seen in June 2020.
  trojan stealer taurus_stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

taurus_stealerdiscoveryspywarestealertrojan

behavioral2

discoveryspywarestealer

© 2018-2024

Terms | Privacy