General

  • Target

    05d54f3cf09ea875811d719c8df4a370

  • Size

    386KB

  • Sample

    211018-l1r4kadch6

  • MD5

    05d54f3cf09ea875811d719c8df4a370

  • SHA1

    2ffdb4e92df0a238dc31a2a5c34d5c8376f63101

  • SHA256

    dc2ba029b69d478752a2ea6b5e90dc1396b75012f48551737bd06f897e3b2275

  • SHA512

    893e7d742959ffacb4c8ab3bbd56210dbd4d85e4a6819effa7043fa63e0a44edb9c2bd8dbe7ac6a58a6dc80a6a768fe2edf76624af778b3f3f344fac0a719391

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
