General

  • Target

    d6d0e261df768c8db74c6103d86dd1a0

  • Size

    407KB

  • Sample

    211018-l1w3hsddc8

  • MD5

    d6d0e261df768c8db74c6103d86dd1a0

  • SHA1

    04708bec85ce493bb248034d814e186ac559527f

  • SHA256

    31c06e5e4c6e0d17ab4e8fd1023a0a090b7c87a54a3dbbe157305acb78150880

  • SHA512

    409b8163f3bedf4e84facf56e5104eeff45d80959429c87a251483b1ddedbc031e23fa00cbc00fda9ba84080055a589788ebc67274582ea205894caea4fad645

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
