General

  • Target

    a267e11da91a3365f96d17059a2fdbc0

  • Size

    330KB

  • Sample

    211018-l1v58aecfm

  • MD5

    a267e11da91a3365f96d17059a2fdbc0

  • SHA1

    d674e104d56a7f72c1751fbb354d413aeb2954df

  • SHA256

    790f4981fc2b3423b9d7d98422cbfbb4fd709b78294a0bd743be3807fc3efa87

  • SHA512

    2112f082701c3f459a1083387f3a1fd7e10debbc0bb5bae20d61cae9f085deaa43df5e3a5a64aba3fd75bf45838f7df568a6661b5e4910b49b5c9691a0f63255

Targets

    • Target

      a267e11da91a3365f96d17059a2fdbc0

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
