General

  • Target

    00d75b7e658d2f1aab339c6042732dc8013a9de5fed115e7c43c0f3f64909379

  • Size

    204KB

  • Sample

    220329-zttwgabca7

  • MD5

    166d0dd4d75e3734e91a802df40623a8

  • SHA1

    827a2e37fadaf3203125f842b69f52f38f36cc9a

  • SHA256

    00d75b7e658d2f1aab339c6042732dc8013a9de5fed115e7c43c0f3f64909379

  • SHA512

    0a5e903e4506f2ecf3a3d4f005966befa708ab08b43a4c4b018c271c8b23887b9856aacbb506105467f6188e28df5871ba2949bac2e6e9103187133ffb576b5f

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
