General

  • Target

    64681b70793da5c7e49732687cb8d2b8

  • Size

    403KB

  • Sample

    211018-l1tmdsdda4

  • MD5

    64681b70793da5c7e49732687cb8d2b8

  • SHA1

    ca8899660768572be8eb01d521d43d23130877e6

  • SHA256

    d5fcb0ed17c0d9b91f1ebd26eeae7db72fdce939e2db44759cfed741466bd703

  • SHA512

    5cd0b341e2fee69d49f30eb8e6547bae503fa4098481e1d68e32a11973387d81c7c55a9f5059efaac7e83e071ae9e4761c88720c4e378aa46d6a50428ca9acaf

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
