General

  • Target

    46458e8049a630152e912ddc6ef3e9ba

  • Size

    342KB

  • Sample

    211018-l1sp4aecdp

  • MD5

    46458e8049a630152e912ddc6ef3e9ba

  • SHA1

    dfa160469139417802e6a454a2da61a7c9424b4e

  • SHA256

    9058fb9c2a126cdfbc5a4c37a78d2d16352a3d997e7126b0b8ad2766dee4cd69

  • SHA512

    d1a0b2d6f1ae28d0db449ce301d30669ff77752b1d41668a14546fab6290a0e9d12aba86ae941d7a30311e1860e9aa7d0d31979d5b35587320feb65912729ab2

Malware Config

Targets

    • Target

      46458e8049a630152e912ddc6ef3e9ba

    • Size

      342KB

    • MD5

      46458e8049a630152e912ddc6ef3e9ba

    • SHA1

      dfa160469139417802e6a454a2da61a7c9424b4e

    • SHA256

      9058fb9c2a126cdfbc5a4c37a78d2d16352a3d997e7126b0b8ad2766dee4cd69

    • SHA512

      d1a0b2d6f1ae28d0db449ce301d30669ff77752b1d41668a14546fab6290a0e9d12aba86ae941d7a30311e1860e9aa7d0d31979d5b35587320feb65912729ab2

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks