General

  • Target

    6cf546f4a5bc1da078cdf6bf343696ae

  • Size

    412KB

  • Sample

    211018-l1tx6adda5

  • MD5

    6cf546f4a5bc1da078cdf6bf343696ae

  • SHA1

    26e051f1a43060cb44043277470c11aa1d24eb26

  • SHA256

    d3fdb5c76faddac1a9643621df3f27aced5f5f63d411aeaf7fd852d1de195754

  • SHA512

    d41ad1818896b135c8c933b81f4d3fc26b624cdbf92f663c6e0a61e8799c828207f5c7045eac3ccb7666605ebd77087d9d0ab713b18e9e963a79678688da0086

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
