General

  • Target

    e7da580314a04c280a7144f0b44fdc9abeb48d9a7ed240d137391aa5faf95986

  • Size

    266KB

  • Sample

    220319-3lk55sccb6

  • MD5

    eb003f41b78f65403581ea9430f2f0f7

  • SHA1

    a502a845fe7d77e86d45cb651abec60e863dbf7e

  • SHA256

    e7da580314a04c280a7144f0b44fdc9abeb48d9a7ed240d137391aa5faf95986

  • SHA512

    005f63a1a3e1b5eaf4f4f63c9ea88bde665021675f12f15886d93297c0de7f6fe868598e8905af410b29d3c936a54e66c98b98ac1b5478ccc0b020879d4f20f8

Targets

    • Target

      e7da580314a04c280a7144f0b44fdc9abeb48d9a7ed240d137391aa5faf95986

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
