General

  • Target

    8dd6e531fcd4cc81100d2bcf311e93df.exe

  • Size

    692KB

  • Sample

    210501-pn75c3rm8s

  • MD5

    8dd6e531fcd4cc81100d2bcf311e93df

  • SHA1

    723485a17419aa2d991dc84f087b0237b1fba2b7

  • SHA256

    03ca5dd93546df853927de6d479f1681f0a10f0edcac51c16d2bdfe7df1fb5a7

  • SHA512

    b69835576764f2bd9c76f58afc2188e594dd82c17222dc4a24cc1670129a76b222fafec57bb2cbbe6d6cd338bc2c0a5a5ba5288f3ecc099838a3b3984c7a9eb7

Malware Config

Targets

    • Target

      8dd6e531fcd4cc81100d2bcf311e93df.exe

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Accesses 2FA software files, possible credential harvesting

    • Suspicious use of SetThreadContext
