General

  • Target

    86ac9440a641fc8136e21efce5e6c12f

  • Size

    401KB

  • Sample

    211018-l1vjpaddb3

  • MD5

    86ac9440a641fc8136e21efce5e6c12f

  • SHA1

    ec3a1fc26de9828932487ac55e0406fdae435851

  • SHA256

    149086b769a7a0ce4e5d1b00ab4b7e6e9ba25196df2c1915b9ed0dcc8801bda0

  • SHA512

    0fb626ba236edf11e3ff7a3ad0739abbd40e0df017763608bf16164b9869e67a76ef6993e4e7d470869c1c67c3399fbd89f4d5e7efda77eea140524c00115558

Targets

    • Target

      86ac9440a641fc8136e21efce5e6c12f

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
