General

  • Target

    1391d963734cd19a99e7998cba8f3cefd2e813acfa5730276e7a735fda98b806

  • Size

    344KB

  • Sample

    220319-vss6bseecm

  • MD5

    ea517717c2b85cc4c0ddcfb8437fa416

  • SHA1

    8f8482a480848a7998e59be96783910daea2dad1

  • SHA256

    1391d963734cd19a99e7998cba8f3cefd2e813acfa5730276e7a735fda98b806

  • SHA512

    ea50065b98455c7377a29d801d5c5167f633307869b6b9ab808389f0f670ceb40a4aecc74b95372ef343038d5d2176d13688e399d2a7336e8a82f17ee361a660

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
