General

  • Target

    dab8845fdec7b9c436287f8bdcaf516d

  • Size

    1.6MB

  • Sample

    211018-l1xdaaddc9

  • MD5

    dab8845fdec7b9c436287f8bdcaf516d

  • SHA1

    af9683f4f13c131a027e47683d202eeb502e54ef

  • SHA256

    ae6a91cfb49c616fe12f1f8a6212728700f6954ce06d09b9b668dfdd102ff1f3

  • SHA512

    dd304f8c5c66c020b003aae40f8c084fc4874e8a3afb4297e183b08e49e46f261274f6d31157791db0267a7c02a992e4e70a61df51873f937e1d1d624dae8f73

Targets

    • Target

      dab8845fdec7b9c436287f8bdcaf516d

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Accesses 2FA software files, possible credential harvesting

    • Suspicious use of SetThreadContext
