Analysis
max time kernel: 43s
max time network: 106s
platform: windows7_x64
resource: win7v20210408
submitted: 15-06-2021 14:49
Static task: static1
Behavioral task: behavioral1
Sample: 79df2c0e7e331b3baa2dd5a241cbf05986f2482e8024e26a3362afdd790e94cf.exe
Resource: win7v20210408
0 signatures
0 seconds
General
Target: 79df2c0e7e331b3baa2dd5a241cbf05986f2482e8024e26a3362afdd790e94cf.exe
Size: 389KB
MD5: 484ad5a4fe183346cef417379bd0a714
SHA1: a05dfb37a15f4275db2a49d6dcd2d37a85b57b46
SHA256: 79df2c0e7e331b3baa2dd5a241cbf05986f2482e8024e26a3362afdd790e94cf
SHA512: 1d7247c7db82f9c4c4a4a50176a0a1248e55a166deffe48e2263e08613f03e7fd266b4c5298eb6a8a0aa63567d0b1876d46650cf173fdeb1c1f73232b87cc12d
Malware Config
Signatures

Taurus Stealer Payload 2 IoCs
Processes:
resource    yara_rule
behavioral1/memory/940-59-0x0000000000220000-0x0000000000258000-memory.dmp    family_taurus_stealer
behavioral1/memory/940-60-0x0000000000400000-0x0000000000C2A000-memory.dmp    family_taurus_stealer

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.