General

  • Target

    51c3737fba1bf86b3065ef4d11da43d9

  • Size

    387KB

  • Sample

    211018-l1s1vsdda3

  • MD5

    51c3737fba1bf86b3065ef4d11da43d9

  • SHA1

    65f1edc1d765fa06bb13caf127d3b57776424c66

  • SHA256

    6112ed9e811ec04b376014bd027f66d89b7378bc69e2c343478b84844d33af0a

  • SHA512

    3041a856ba08efb32d36abd6fd967956d69e22a445c7bbe12f9e908f665869cc376f148d345aebce64560b534cc73d1268626c83b880857ab42aee9dc9d7cd62

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
