General

  • Target

    24b335b5bb52f65a242f90c1f10fe171a1a4b38214a192c387529aa69280ab60.exe

  • Size

    1.3MB

  • Sample

    210515-s727rq761s

  • MD5

    7a9c574a3ef86ab174cc3a48f6b000d1

  • SHA1

    4d7ceacb8b4685dc6826ab01a05449340befced7

  • SHA256

    24b335b5bb52f65a242f90c1f10fe171a1a4b38214a192c387529aa69280ab60

  • SHA512

    4df2deaa71064671c14f316e3a4afa4517ccacde62728628eed66691ff6e12c85aefd9257cce9bc35778371f93edec05e9d45ecdd4e5e8e1c4325f013d863f86

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Accesses 2FA software files, possible credential harvesting

    • Suspicious use of SetThreadContext
