General

  • Target

    c9bf719c891dd18e2350f990f79fdf45

  • Size

    406KB

  • Sample

    211018-l1w3hsecfr

  • MD5

    c9bf719c891dd18e2350f990f79fdf45

  • SHA1

    96cef982c09b09724ad8ff7e5f7a1a69d415456a

  • SHA256

    71ffa382c2598c8b86be65ea9fb29ecb9a0702fee0e962f70da4bc0ca5249506

  • SHA512

    64b14029da22c8ea349d184c74a27e03fe6aad6f1150009865717529ff6b90d08d5e982e1ce62c1b6f43ec27f0cf4aaa09652fed88694b6fb0043508fa765726

Malware Config

Targets

    • Target

      c9bf719c891dd18e2350f990f79fdf45

    • Size

      406KB

    • MD5

      c9bf719c891dd18e2350f990f79fdf45

    • SHA1

      96cef982c09b09724ad8ff7e5f7a1a69d415456a

    • SHA256

      71ffa382c2598c8b86be65ea9fb29ecb9a0702fee0e962f70da4bc0ca5249506

    • SHA512

      64b14029da22c8ea349d184c74a27e03fe6aad6f1150009865717529ff6b90d08d5e982e1ce62c1b6f43ec27f0cf4aaa09652fed88694b6fb0043508fa765726

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks