General

  • Target

    f4a017798debc249a211382a6ee173ae

  • Size

    339KB

  • Sample

    211018-l1xn2secgl

  • MD5

    f4a017798debc249a211382a6ee173ae

  • SHA1

    ee22a64c96a1a9420297a4f5fac53d1b57c857fd

  • SHA256

    0bd4e5e0255dc4522b82cb22b93d899792243265c4a42a8437a613694e77970d

  • SHA512

    db421c27a4e0ca5ae02c94389a4ec4732ce81875b1908057cad7848224b87e5257958f88433af80051590f36906a115741ecf19e14047e95ab74879ef696389a

Malware Config

Targets

    • Target

      f4a017798debc249a211382a6ee173ae

    • Size

      339KB

    • MD5

      f4a017798debc249a211382a6ee173ae

    • SHA1

      ee22a64c96a1a9420297a4f5fac53d1b57c857fd

    • SHA256

      0bd4e5e0255dc4522b82cb22b93d899792243265c4a42a8437a613694e77970d

    • SHA512

      db421c27a4e0ca5ae02c94389a4ec4732ce81875b1908057cad7848224b87e5257958f88433af80051590f36906a115741ecf19e14047e95ab74879ef696389a

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks