General

  • Target

    0789d73d267431f0bf6ed2dea3885a4cc00e185b635b2378ece2f4c3ecaad254

  • Size

    435KB

  • Sample

    220215-ze75jsbbhp

  • MD5

    e6ee67b002cb6faa103debeb3c903ba6

  • SHA1

    fd6a295b24dce06d59173e8e0dbe935c41988ffd

  • SHA256

    0789d73d267431f0bf6ed2dea3885a4cc00e185b635b2378ece2f4c3ecaad254

  • SHA512

    043b8f18eae512b0cc65fcca0ce3f447e459d7bcaccfd5846a481f6f5fac7d047294e10f5485a341ab929e34f1c9ad474d3ff468564e6308b5d7ea35d9698b03

Targets

    • Target

      0789d73d267431f0bf6ed2dea3885a4cc00e185b635b2378ece2f4c3ecaad254

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
