General

  • Target

    e48448d2eff914c9ade6cd4fa03a2871

  • Size

    456KB

  • Sample

    211018-l1xdaaddd2

  • MD5

    e48448d2eff914c9ade6cd4fa03a2871

  • SHA1

    6c193b4f03904955c6a00e08cc46abe8192fb693

  • SHA256

    50c3094cb95527f4530bc12cf307a00f2de46c42b81b38aa224842afceaedb67

  • SHA512

    e0f554a574f137fa8bb6b1044e1d4a0db7fc178fed8a764b952fc8e904481764c01661eb9fde42eea09701a18031ee826ab990597a32cc8e8a9fd439a0fc24d6

Malware Config

Targets

    • Target

      e48448d2eff914c9ade6cd4fa03a2871

    • Size

      456KB

    • MD5

      e48448d2eff914c9ade6cd4fa03a2871

    • SHA1

      6c193b4f03904955c6a00e08cc46abe8192fb693

    • SHA256

      50c3094cb95527f4530bc12cf307a00f2de46c42b81b38aa224842afceaedb67

    • SHA512

      e0f554a574f137fa8bb6b1044e1d4a0db7fc178fed8a764b952fc8e904481764c01661eb9fde42eea09701a18031ee826ab990597a32cc8e8a9fd439a0fc24d6

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks