General

  • Target

    ad9016fc439f738fae0c645c1f40139f

  • Size

    379KB

  • Sample

    211018-l1wfzsddc2

  • MD5

    ad9016fc439f738fae0c645c1f40139f

  • SHA1

    d7d9b547a43e5634b5213c9fe36f8d4d380715af

  • SHA256

    a95ec40cd05a96b7afd6ab5eabdbbcbdada915b62c65a14f002d6912b47bc2a5

  • SHA512

    939ccc00d55cedc93d5525749d949dfa783fc0b738319afac220549dfc6e32ed4ad37f8ae62cd28774c047ea3a0efd3bf7d16b092d841eabcc7d48a28d73d16b

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
