General

  • Target

    6fa56b311151e75a6f625520ab7a7070

  • Size

    381KB

  • Sample

    211018-l1tx6aecer

  • MD5

    6fa56b311151e75a6f625520ab7a7070

  • SHA1

    85272cf6663f0386b44746b44090f3f4e9fd1492

  • SHA256

    339a0e886487bdb0c8812432e815f00884cb7abaf16634ce4211898fe14f7da7

  • SHA512

    a435c8fd2d6e0172dcf603c0870f00cb866516d28a8ece7ff02f121414394d46b708865664def420b36280094af31be30a33fe26ceb7ff0c950a254c27de1b3c

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
