General

  • Target

    25c2fa50d9e5502c6e9fd7876ef40150

  • Size

    339KB

  • Sample

    211018-l1sebsdch9

  • MD5

    25c2fa50d9e5502c6e9fd7876ef40150

  • SHA1

    be75de5852a949a19bd713e13069d7a8763300c6

  • SHA256

    fbe29d50fa44a0782013cfbf9cb5e5477fc37d20e3e45356109bb5d866a68799

  • SHA512

    74c013d935db81f7b49d21ea67590fc4a31497047925252ff982b565e6a50d02b3e83aef176e8d902c73bb714215a972e09d5163436ad6d94bfd779e1a1b4fe4

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
