General

  • Target

    b271dc3008c0df42f3feae24394a00d2

  • Size

    405KB

  • Sample

    211018-l1wrraecfp

  • MD5

    b271dc3008c0df42f3feae24394a00d2

  • SHA1

    f08690f3715cdf9fd05b9e01d6e823965751353f

  • SHA256

    0f6bc86e5875f5c39966c7bbd5cbcc32e90fd47f48489809407f544c7a25e474

  • SHA512

    a3b10b8b71eb8edccc2d6788cd57a11d084bddc70098e9985cacf37146852849ad2204d4b3859a7d587693cd982482d3394099681074b79349a636b4ce604828

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
