General

  • Target

    917e024909bdcc7a0d5ef6459d507f45

  • Size

    256KB

  • Sample

    211018-l1vvfsddb6

  • MD5

    917e024909bdcc7a0d5ef6459d507f45

  • SHA1

    9c8de65aef9519e7d50cbd523e66dcdae586d5d5

  • SHA256

    65d0977e6240ce08f8da83ad228c7a9c2d6f0b3c3337b7d7a1abe7fc1d31bb20

  • SHA512

    32e1c1a2bfffb5f5ce6a9559d11a3fbe13f6699c82a722ff8bdb1a259a4dc298884c8ade6591bf1d092fb64c04cf49459d466032ee0d97f7233362e258bbf2c9

Malware Config

Targets

    • Target

      917e024909bdcc7a0d5ef6459d507f45

    • Size

      256KB

    • MD5

      917e024909bdcc7a0d5ef6459d507f45

    • SHA1

      9c8de65aef9519e7d50cbd523e66dcdae586d5d5

    • SHA256

      65d0977e6240ce08f8da83ad228c7a9c2d6f0b3c3337b7d7a1abe7fc1d31bb20

    • SHA512

      32e1c1a2bfffb5f5ce6a9559d11a3fbe13f6699c82a722ff8bdb1a259a4dc298884c8ade6591bf1d092fb64c04cf49459d466032ee0d97f7233362e258bbf2c9

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks