General

  • Target

    7d241d6b2b93defd3645737e8e17dcff

  • Size

    397KB

  • Sample

    211018-l1t8xsdda7

  • MD5

    7d241d6b2b93defd3645737e8e17dcff

  • SHA1

    474c8b816a3d930d375e590c626d52512c232cb8

  • SHA256

    f4da6e9a46562e2dbaa4e248c61e304a8105b209341c1217ee9b794e970e6dd4

  • SHA512

    755d2e508fdfb56a8196c040c23c6a557a0b4e830ca460e49d4496338af4f170fb5e7564805b96b27df6dbdcc09730099d2c7fae34c2a8acce0d6c1d7a25bee2

Targets

    • Target

      7d241d6b2b93defd3645737e8e17dcff

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
