General

  • Target

    9757a9a165106a0a7929e81caf67eb21

  • Size

    433KB

  • Sample

    211018-l1vvfsecfk

  • MD5

    9757a9a165106a0a7929e81caf67eb21

  • SHA1

    ee9f898f693424dea31105ec062c11b3cbc358ed

  • SHA256

    127eb8375f47b7e81c5260280d02016fb38d45e127223a9d85ec68c3a9d4726a

  • SHA512

    978ee01fa2c95af682b99eb3478ae021c20a79c9d43d2366496e8faa8415418a7c4fd996f734f82c47d68ff0bdade68e0bb8aa48c81672c8d4f9d6c9b32e3d93

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
