General

  • Target

    823BE0D8A6071AE72DDF518A0F67B6E6.exe

  • Size

    1.3MB

  • Sample

    210504-7n7ygkndm2

  • MD5

    823be0d8a6071ae72ddf518a0f67b6e6

  • SHA1

    5ed2121688a2ac718772ff5981f3df628cbff540

  • SHA256

    a2e57e0250fe19b1495f61a62739d949ee6c36f3e672d33aa70f76c82f0aa6c7

  • SHA512

    0bc5a7f838a2212cb36895f9f9144acb7bedee94a32d8e0a7ecf2806e8d0480a582ca0b6e091b4b914abcc0a326bb548736163e5504ba3415aea2b759c7cf589

Targets

    • Target

      823BE0D8A6071AE72DDF518A0F67B6E6.exe

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
