General

  • Target

    b85a2c3ec31431455a920154e5e94107

  • Size

    219KB

  • Sample

    211018-l1wrraddc5

  • MD5

    b85a2c3ec31431455a920154e5e94107

  • SHA1

    4ff2a1ffa5071da6e5bcd1071b9ba5e40611bec9

  • SHA256

    159cabb98f08a723cc149e616b467ef3ec34a33e3875ab4940fc6f966bba5491

  • SHA512

    3560d72c9da7a0e1a3221ac4481c364ad5eda27eb86e6938e2856374bebaaf3ed30f06e5366d83ff75f42a56c1e9d3ac2755116b7a22b016908f9d88891638db
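Before acting on any report, confirm that the file in hand is the one the report describes. The helper below is an added example, not part of the original report or of the sandbox that produced it: it recomputes the four digests listed above over a file (or in-memory bytes) and lists which ones disagree. Listing mismatches individually matters because MD5 and SHA1 are collision-prone; a file that matches the MD5 but not the SHA256 is not this sample, and the SHA256/SHA512 match is the one to trust. The byte strings used in the usage section are constructed test data, not the sample itself.

```python
"""Check whether a file matches the digests printed in this report.

Added example (not the report's or the sandbox's own code). Assumes only
the Python standard library; the expected digests are copied from the
report's General section.
"""
import hashlib
import hmac

REPORT_DIGESTS = {
    "md5": "b85a2c3ec31431455a920154e5e94107",
    "sha1": "4ff2a1ffa5071da6e5bcd1071b9ba5e40611bec9",
    "sha256": "159cabb98f08a723cc149e616b467ef3ec34a33e3875ab4940fc6f966bba5491",
    "sha512": "3560d72c9da7a0e1a3221ac4481c364ad5eda27eb86e6938e2856374bebaaf3e"
              "d30f06e5366d83ff75f42a56c1e9d3ac2755116b7a22b016908f9d88891638db",
}


def _digests_from_chunks(chunks, algorithms):
    """Feed every chunk to one hasher per algorithm; returns {name: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compute_digests(data: bytes, algorithms=tuple(REPORT_DIGESTS)) -> dict:
    """Digests of an in-memory byte string."""
    return _digests_from_chunks([data], algorithms)


def digest_file(path: str, algorithms=tuple(REPORT_DIGESTS)) -> dict:
    """Digests of a file on disk, read in 1 MiB chunks so large samples fit in memory."""
    def chunks():
        with open(path, "rb") as fh:
            while True:
                block = fh.read(1 << 20)
                if not block:
                    return
                yield block
    return _digests_from_chunks(chunks(), algorithms)


def mismatched_digests(actual: dict, expected=REPORT_DIGESTS) -> list:
    """Names of the algorithms whose digest differs from the report, sorted.

    hmac.compare_digest keeps the comparison constant-time; not strictly
    needed for a local triage check, but a good habit for anything that
    compares secrets or verifiers.
    """
    return sorted(name for name, want in expected.items()
                  if not hmac.compare_digest(actual[name], want.lower()))


def compare_digests(data: bytes, expected=REPORT_DIGESTS) -> list:
    """Mismatched algorithm names for an in-memory byte string."""
    return mismatched_digests(compute_digests(data, expected.keys()), expected)


def is_reported_sample(data: bytes, expected=REPORT_DIGESTS) -> bool:
    """True only when every digest matches. A partial match (e.g. MD5 only)
    means you are holding a different file, possibly a deliberate collision."""
    return compare_digests(data, expected) == []


def is_reported_file(path: str, expected=REPORT_DIGESTS) -> bool:
    """Same check for a file on disk."""
    return mismatched_digests(digest_file(path, expected.keys()), expected) == []


if __name__ == "__main__":
    # Constructed test bytes, not the sample: every digest is expected to mismatch.
    probe = b"constructed test bytes, not the sample"
    print("mismatches for probe bytes:", compare_digests(probe))
    print("probe is the reported sample:", is_reported_sample(probe))
```

Run `is_reported_file("/path/to/sample.bin")` on the artefact you received; if it returns False, call `mismatched_digests(digest_file(path))` to see which algorithms disagree before concluding the report does not apply.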

Malware Config

Targets

    • Target

      b85a2c3ec31431455a920154e5e94107

    • Size

      219KB

    • MD5

      b85a2c3ec31431455a920154e5e94107

    • SHA1

      4ff2a1ffa5071da6e5bcd1071b9ba5e40611bec9

    • SHA256

      159cabb98f08a723cc149e616b467ef3ec34a33e3875ab4940fc6f966bba5491

    • SHA512

      3560d72c9da7a0e1a3221ac4481c364ad5eda27eb86e6938e2856374bebaaf3ed30f06e5366d83ff75f42a56c1e9d3ac2755116b7a22b016908f9d88891638db

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

      The sample removes its own executable from disk after running, a common anti-forensic step that leaves no file to collect from the infected host.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser data such as saved credentials, cookies, autofill entries and browsing history, which can be used to take over accounts and hijack authenticated sessions.

    • Accesses 2FA software files, possible credential harvesting

      Reading the data files of a desktop 2FA application suggests an attempt to collect second-factor secrets alongside the passwords taken from browsers.

    • Checks installed software on the system

      Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate the software installed on the system. Stealers use this both to profile the victim and to decide which applications' data is worth harvesting.
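The signatures above are names for observable events: file reads against browser profile stores, file reads against a 2FA application's data, registry opens of the Uninstall key, and a delete of the process's own image. The script below is an added example, not code from the report or from the sandbox, that maps a small constructed event list of that kind onto the four behaviours. The browser paths (Chromium-family "User Data\<profile>\Login Data", "Cookies", "Web Data"; Firefox "Profiles\<id>\logins.json", "key4.db", "cookies.sqlite") and the Uninstall key are well-known locations; the 2FA directory ("Authy Desktop" under %APPDATA%) is an assumption, because the report does not say which 2FA software the sample touches, and the event format is invented for the example.

```python
"""Map raw sandbox events onto the behaviour signatures in this report.

Added example, not the report's or the sandbox's own code. Event format
is assumed: each event is a dict with "op" in {"file_read", "reg_open",
"file_delete"} and a "path" or "key". Browser and Uninstall-key locations
are well known; the 2FA directory is an assumption (the report names no
specific 2FA product).
"""
import re
from collections import defaultdict

# Chromium-family browsers keep credential/cookie stores under "User Data\<profile>\".
CHROMIUM_FILES = ("login data", "cookies", "web data")
# Firefox keeps them under "Mozilla\Firefox\Profiles\<id>\".
FIREFOX_FILES = ("logins.json", "key4.db", "cookies.sqlite")
# ASSUMPTION: Authy Desktop used as the representative 2FA app; extend for your fleet.
TWO_FA_DIRS = ("\\authy desktop\\",)
# Uninstall key under HKLM or HKCU, 64-bit or WOW6432Node view.
UNINSTALL_KEY = re.compile(
    r"software\\(wow6432node\\)?microsoft\\windows\\currentversion\\uninstall\b")


def _norm(path: str) -> str:
    """Case-insensitive, backslash-only form so comparisons are stable."""
    return path.replace("/", "\\").lower()


def classify_file_read(path: str):
    """Signature name for a file read, or None if the path is uninteresting."""
    p = _norm(path)
    name = p.rsplit("\\", 1)[-1]
    if "\\user data\\" in p and name in CHROMIUM_FILES:
        return "reads_browser_profile_data"
    if "\\mozilla\\firefox\\profiles\\" in p and name in FIREFOX_FILES:
        return "reads_browser_profile_data"
    if any(d in p for d in TWO_FA_DIRS):
        return "accesses_2fa_software_files"
    return None


def classify_registry_open(key: str):
    """Signature name for a registry key open, or None."""
    return "checks_installed_software" if UNINSTALL_KEY.search(_norm(key)) else None


def evaluate(events, image_path: str) -> dict:
    """Return {signature: [evidence, ...]} for the signatures the events trigger."""
    hits = defaultdict(list)
    own_image = _norm(image_path)
    for ev in events:
        op = ev["op"]
        if op == "file_read":
            sig = classify_file_read(ev["path"])
        elif op == "reg_open":
            sig = classify_registry_open(ev["key"])
        elif op == "file_delete":
            # "Deletes itself" means the deleted path is the process's own executable.
            sig = "deletes_itself" if _norm(ev["path"]) == own_image else None
        else:
            sig = None
        if sig:
            hits[sig].append(ev.get("path") or ev.get("key"))
    return dict(hits)


# Constructed events (not taken from the report); one benign read and one
# benign registry open are included to show they are ignored.
SAMPLE_IMAGE = r"C:\Users\analyst\AppData\Local\Temp\sample.exe"
SAMPLE_EVENTS = [
    {"op": "file_read", "path": r"C:\Users\analyst\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "file_read", "path": r"C:\Users\analyst\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"},
    {"op": "file_read", "path": r"C:\Users\analyst\AppData\Roaming\Authy Desktop\Local Storage\leveldb\000003.log"},
    {"op": "reg_open", "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"op": "reg_open", "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
    {"op": "file_read", "path": r"C:\Windows\System32\kernel32.dll"},
    {"op": "file_delete", "path": r"C:\Users\analyst\AppData\Local\Temp\sample.exe"},
]

if __name__ == "__main__":
    for sig, evidence in sorted(evaluate(SAMPLE_EVENTS, SAMPLE_IMAGE).items()):
        print(sig)
        for item in evidence:
            print("   ", item)
```

The same mapping works on real sandbox or EDR file/registry telemetry once the event dicts are built from it; the point of keeping the per-event classifiers separate from `evaluate` is that each signature can be tuned (more browsers, more 2FA products) without touching the aggregation.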

MITRE ATT&CK Enterprise v6

Tasks