taurus_stealer | 9bec30afd640d68be28fef4e6b5abcc14d90b2c7293d7709619b8f9b9e685b7e | Triage

Submit
Reports

Overview

overview

Static

static

PO# PO2021020371N.exe

windows7_x64

PO# PO2021020371N.exe

windows10_x64

7

Sharing

General

Target

PO# PO2021020371N.exe
Size

291KB
Sample

210301-j73atkvkd6
MD5

ce29efcf5510c0a9dcb38f62d50a5e8b
SHA1

eb9a28d284303663ab5bbbab9e8cc7db88cf7a2f
SHA256

9bec30afd640d68be28fef4e6b5abcc14d90b2c7293d7709619b8f9b9e685b7e
SHA512

dee3945c894c586f1a4d42581796e1ce257cc5ec8a98368de391d664328ac7318163aff9edcd5eac9b9ab4c3b3407c2448add2d07b3863a74f513bf0541a77aa

Score

10^/10

taurus_stealer discovery spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

PO# PO2021020371N.exe

Resource

win7v20201028

taurus_stealer discovery spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PO# PO2021020371N.exe

Resource

win10v20201028

discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PO# PO2021020371N.exe
- Size
  
  291KB
- MD5
  
  ce29efcf5510c0a9dcb38f62d50a5e8b
- SHA1
  
  eb9a28d284303663ab5bbbab9e8cc7db88cf7a2f
- SHA256
  
  9bec30afd640d68be28fef4e6b5abcc14d90b2c7293d7709619b8f9b9e685b7e
- SHA512
  
  dee3945c894c586f1a4d42581796e1ce257cc5ec8a98368de391d664328ac7318163aff9edcd5eac9b9ab4c3b3407c2448add2d07b3863a74f513bf0541a77aa
Score

10^/10

taurus_stealer discovery spyware stealer trojan
- Taurus Stealer
  Taurus is an infostealer first seen in June 2020.
  trojan stealer taurus_stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

taurus_stealerdiscoveryspywarestealertrojan

behavioral2

discoveryspywarestealer

© 2018-2024

Terms | Privacy