General

  • Target

    0b4d1dfb2d80949a1558c32036e3130d

  • Size

    364KB

  • Sample

    211018-l1r4kaeccr

  • MD5

    0b4d1dfb2d80949a1558c32036e3130d

  • SHA1

    78538bb2c4edd07ec6d6f5dcc75715e4a5b632f2

  • SHA256

    99b0432f59052b504b27ee3f397fc897e2aa0a7490163122296b45e8f1694a9b

  • SHA512

    6018b75de3a251c12e8cdbd48cc580beefdb020e73b083539376125204955ca4f1e995a7f5682d2f4853b5b0adfb0b32b17d3f9e53c859414fbb5e58afd6923f

Targets

    • Target

      0b4d1dfb2d80949a1558c32036e3130d

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
