General

  • Target

    ae033c3be63a96dcba69e36f8cdfd9d9

  • Size

    438KB

  • Sample

    211018-l1wfzsddc3

  • MD5

    ae033c3be63a96dcba69e36f8cdfd9d9

  • SHA1

    4c13bb22640cbd92922d306fca51439a55f28220

  • SHA256

    1244239e399a6b0a5aec10c38c6b4e83029f60409f4457d390fb18d47a51e13b

  • SHA512

    34035face27213870bc5db95bbe50cb23366cc792f445ebfc0169e7e871acae68b6f2780f14fdefe0d9068dea240bc8569fb37bb64ece10dc9f301e20e9f0847

Malware Config

Targets

    • Target

      ae033c3be63a96dcba69e36f8cdfd9d9

    • Size

      438KB

    • MD5

      ae033c3be63a96dcba69e36f8cdfd9d9

    • SHA1

      4c13bb22640cbd92922d306fca51439a55f28220

    • SHA256

      1244239e399a6b0a5aec10c38c6b4e83029f60409f4457d390fb18d47a51e13b

    • SHA512

      34035face27213870bc5db95bbe50cb23366cc792f445ebfc0169e7e871acae68b6f2780f14fdefe0d9068dea240bc8569fb37bb64ece10dc9f301e20e9f0847

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks