General

  • Target

    112e9be8f36d4a9365d5136b7ab79f7b

  • Size

    446KB

  • Sample

    211018-l1sebsecdj

  • MD5

    112e9be8f36d4a9365d5136b7ab79f7b

  • SHA1

    188b5b3dd2ac64c0d177f68b6dfec5e2d5b656b5

  • SHA256

    dfa66d8411a9b5939db7b862f2a4f98a1bf7d393029a64c79468e3e9c8ad61b8

  • SHA512

    0b39b41b5f173ed4b9e625f3569cdc9db7062a94e3860c0b379258f226eb7220b539539b884c8c887410aeeabb73658ecdefcdc2cc002dc1ae46045d56e363b3

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
