General

  • Target

    8196ffe8b92dfbf7496200796578032f

  • Size

    392KB

  • Sample

    211018-l1vjpaddb2

  • MD5

    8196ffe8b92dfbf7496200796578032f

  • SHA1

    3ea009f2737daca52da5ab93c7f9e0f74590a06d

  • SHA256

    566645b6d19bdcad55bd5ec6b6acb159aa6cd393caa2862755d39b3893d3537b

  • SHA512

    51a73981455199e17e9712241346232c3d7f045bd66c614ddefec55fbc398f4356808288971a2bb061cf0d7eb74c88947dc0ad72f940ed60e65e33376f64c823

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
