General

  • Target

    1ab9eeef569b878ea75d35dbf43e5500

  • Size

    322KB

  • Sample

    211018-l1sebsecdk

  • MD5

    1ab9eeef569b878ea75d35dbf43e5500

  • SHA1

    3a3837be8ae9d5f519804161d2efa946c4b2a57c

  • SHA256

    1bce55345e78b00af9ba8d5b9b93cfcbf9ba597903ac9f5a640a7e60d6018649

  • SHA512

    f7dfaca95648de0e2cc1e1b02750afe0eed998ac0e8ad45fa5660475b915e3352056792b0eaadafbbbb79c2bfc60ee62c78175cf096216920206b4c8e855c196

Malware Config

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks