Analysis
- max time kernel: 150s
- max time network: 164s
- platform: windows7_x64
- resource: win7-en-20211014
- submitted: 18-10-2021 10:00
Static task: static1
Behavioral task: behavioral1
Sample: d6d0e261df768c8db74c6103d86dd1a0.exe
Resource: win7-en-20211014
0 signatures
0 seconds
General
- Target: d6d0e261df768c8db74c6103d86dd1a0.exe
- Size: 407KB
- MD5: d6d0e261df768c8db74c6103d86dd1a0
- SHA1: 04708bec85ce493bb248034d814e186ac559527f
- SHA256: 31c06e5e4c6e0d17ab4e8fd1023a0a090b7c87a54a3dbbe157305acb78150880
- SHA512: 409b8163f3bedf4e84facf56e5104eeff45d80959429c87a251483b1ddedbc031e23fa00cbc00fda9ba84080055a589788ebc67274582ea205894caea4fad645
Malware Config
Signatures
- Taurus Stealer Payload (2 IoCs)
  Processes:
  resource: behavioral1/memory/1568-55-0x0000000000220000-0x0000000000258000-memory.dmp, yara_rule: family_taurus_stealer
  resource: behavioral1/memory/1568-57-0x0000000000400000-0x000000000179F000-memory.dmp, yara_rule: family_taurus_stealer
- Reads user/profile data of web browsers (2 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.
- Checks installed software on the system (1 TTPs)
  Looks up Uninstall key entries in the registry to enumerate software on the system.