General

  • Target

    79df2c0e7e331b3baa2dd5a241cbf05986f2482e8024e26a3362afdd790e94cf

  • Size

    389KB

  • Sample

    210615-l8l5rd8936

  • MD5

    484ad5a4fe183346cef417379bd0a714

  • SHA1

    a05dfb37a15f4275db2a49d6dcd2d37a85b57b46

  • SHA256

    79df2c0e7e331b3baa2dd5a241cbf05986f2482e8024e26a3362afdd790e94cf

  • SHA512

    1d7247c7db82f9c4c4a4a50176a0a1248e55a166deffe48e2263e08613f03e7fd266b4c5298eb6a8a0aa63567d0b1876d46650cf173fdeb1c1f73232b87cc12d

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
