General
Target: 3273840f7c787605a57e054dc76e740e75e58061f309a18b481c0e41d0738f73
Size: 303KB
Sample: 220221-22kc4sbdg4
MD5: 2da74cb135cb2324bb1ffa2a6032306e
SHA1: c67afe84724d414c4c6a40801cf3d11e3f8f96bc
SHA256: 3273840f7c787605a57e054dc76e740e75e58061f309a18b481c0e41d0738f73
SHA512: 91c8f1570c418d38f0b5de2f8f72101dec5bce3da10e5c7336a4925966d2f052dbff071c3d35aa300ac8dcfec8b38956edee23b7c2cf7e63a3b1a37d2c9f516f
Static task: static1
Behavioral task: behavioral1
Sample: DOCUMENT FILE.exe
Resource: win7-en-20211208
Malware Config
Targets
Target: DOCUMENT FILE.exe
Size: 360KB
MD5: fbe426a8d46b433667c3a30f38c703ab
SHA1: bed53dc755559ecc8ed6a84f7efbe877937324de
SHA256: 847fa8413751c698b7cb1f258a4365d8e50915e4811fa916308f6b0e18cbc17d
SHA512: 8c22771d773da05bb36d0f4285c25b61157ad42c044d6029f98103b755b5567b2964d225fd18d9d0295bb25a002ba8c9dec9a9567862822ced0ea108f26c8956
Taurus Stealer Payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext