General

  • Target

    bda43d685cca5973b334f482411aeaafbabbc9eceb4b763e169607589b3ad36e

  • Size

    1.6MB

  • Sample

    220320-b14r9aeca2

  • MD5

    e56266c6d312ef4a0794f0e68ac50904

  • SHA1

    8a803f1e946763230056feb83dfe82b58a4f656e

  • SHA256

    bda43d685cca5973b334f482411aeaafbabbc9eceb4b763e169607589b3ad36e

  • SHA512

    64e60b79b29ff2788e4709d7c0aff5d2e93a6e468a08d450490ca930963da3699ca183016697afe9be3988e10c959734ed966b77c5e05be40ffea2c32f738364

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
