General

  • Target

    3652e235e65e5feacfbbd3c376f91a551936d31023878b3c746254d079f4665e

  • Size

    215KB

  • Sample

    220329-zte3babbh9

  • MD5

    227892247e3554bf501d4f204b2f721b

  • SHA1

    b067971d9cf51d4346c7f411297ce07034b680f6

  • SHA256

    3652e235e65e5feacfbbd3c376f91a551936d31023878b3c746254d079f4665e

  • SHA512

    21386360c7faf9167f191e8e552693a914d32881c2630cd65545e3cc31d64f4e5453ae4d28e92e34961bec67c2abe7142cae93aeb3faeccad200c96b7bf8021b

Malware Config

Targets

    • Target

      3652e235e65e5feacfbbd3c376f91a551936d31023878b3c746254d079f4665e

    • Size

      215KB

    • MD5

      227892247e3554bf501d4f204b2f721b

    • SHA1

      b067971d9cf51d4346c7f411297ce07034b680f6

    • SHA256

      3652e235e65e5feacfbbd3c376f91a551936d31023878b3c746254d079f4665e

    • SHA512

      21386360c7faf9167f191e8e552693a914d32881c2630cd65545e3cc31d64f4e5453ae4d28e92e34961bec67c2abe7142cae93aeb3faeccad200c96b7bf8021b

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks