General

  • Target

    4fce06984a37520facd8d9f6809527c293c166af780f9daeb38a5328d5cbe203

  • Size

    5.0MB

  • Sample

    220320-dzmhpagac9

  • MD5

    3cceefcb83578bf4d1b0e97bcf368a19

  • SHA1

    3b99a02d13e2fcf72d4f18a713a99605645d53f1

  • SHA256

    4fce06984a37520facd8d9f6809527c293c166af780f9daeb38a5328d5cbe203

  • SHA512

    98ae925808598c18c92c92410b58f798416c9dd2700e05d5771fd9b4ead7a5a92d86d862fe3bd0e632b3ae895fec16c540e0a6ad61212a3d273103a2a32e97e1

Targets


    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
