General

  • Target

    aff05ef2dc491a0d44fc95d75a80ffee

  • Size

    456KB

  • Sample

    211018-l1wfzsddc4

  • MD5

    aff05ef2dc491a0d44fc95d75a80ffee

  • SHA1

    6c45be68f82d2c02abeb55d6e94bc5b6027cd6b3

  • SHA256

    53c2911eef02e8faa94c97c973fb6fb7b7891c9db63c2069dfc5e4e3dc007a67

  • SHA512

    54969a391dc3c8dd0ecdcaa8713cfbd5fdd1ccd935d1b24c9fbed07b9e3893ded763c3cd5a796535aeae172d732644108a3e49573bac41e5bd83f00604350de8

Targets

    • Target

      aff05ef2dc491a0d44fc95d75a80ffee

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
