General

  • Target

    AZ.exe

  • Size

    386KB

  • Sample

    210418-d25nzd93da

  • MD5

    52a93fbc6187234e2543dcbf2b18cf58

  • SHA1

    79705d49388b1f5324de1e5eff4a3b0c3a6a9187

  • SHA256

    45feb97cce0d34dc6c93494ba82a0b657ed513d1f9a0962b4415e0e51d05fa4e

  • SHA512

    a4a37c4db65a83ba8a38075e4426a9278f501e9dbb9ddf8e662204564538e3a79279c5df9d1c7abafc601ef1991a9ea5606550ef11508c4dd1fd15bf125d9758

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
