General

  • Target

    7e4ecaf84d9baca241187c303bd3ccd465d9a823dda761dba9910f3ebe533a04

  • Size

    263KB

  • Sample

    220329-zs65eafdap

  • MD5

    7b4b1d555274a3585a2863dbe68ff1cf

  • SHA1

    7190c2c34294bb62af7f1bfe1950763377a3798b

  • SHA256

    7e4ecaf84d9baca241187c303bd3ccd465d9a823dda761dba9910f3ebe533a04

  • SHA512

    42c7395f263b7cfbd3c57c62f567817dfc13c1549be0f4ccc723381f49251fdcdadf77f2e179cc7eb7c08953171c353cea619642e154af9b8ffb57b8b6e16788

Malware Config

Targets

    • Target

      7e4ecaf84d9baca241187c303bd3ccd465d9a823dda761dba9910f3ebe533a04

    • Size

      263KB

    • MD5

      7b4b1d555274a3585a2863dbe68ff1cf

    • SHA1

      7190c2c34294bb62af7f1bfe1950763377a3798b

    • SHA256

      7e4ecaf84d9baca241187c303bd3ccd465d9a823dda761dba9910f3ebe533a04

    • SHA512

      42c7395f263b7cfbd3c57c62f567817dfc13c1549be0f4ccc723381f49251fdcdadf77f2e179cc7eb7c08953171c353cea619642e154af9b8ffb57b8b6e16788

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks