General

  • Target

    b69acaf352c50b4975ee9142aba27ba1

  • Size

    261KB

  • Sample

    211018-l1wrraecfq

  • MD5

    b69acaf352c50b4975ee9142aba27ba1

  • SHA1

    a57ea60f84801e29d335de8e23c911de3e83e0d2

  • SHA256

    5396b6a7657f142635ec25225138dc80825f03f7c5410d93e944ce163000080e

  • SHA512

    f45ea5f76327e4149a124f05c56e7204a15e8c1e4f06c57b132674c3177e9bd667c7d2fca427288a46afa91b3f8ee8faa92564badc58f04416b99dab50aad41e

Malware Config

Targets

    • Target

      b69acaf352c50b4975ee9142aba27ba1

    • Size

      261KB

    • MD5

      b69acaf352c50b4975ee9142aba27ba1

    • SHA1

      a57ea60f84801e29d335de8e23c911de3e83e0d2

    • SHA256

      5396b6a7657f142635ec25225138dc80825f03f7c5410d93e944ce163000080e

    • SHA512

      f45ea5f76327e4149a124f05c56e7204a15e8c1e4f06c57b132674c3177e9bd667c7d2fca427288a46afa91b3f8ee8faa92564badc58f04416b99dab50aad41e

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks