General

  • Target

    55a5267351081e3fddf8d46b8bfdf34b1a46661e49647923535c6fc122b23262

  • Size

    192KB

  • Sample

    220330-bme7qseab3

  • MD5

    ea3506788c63246f8bcb7c4b4862a11f

  • SHA1

    df19906e90a6ed5bd55f64ed1840d37ca7e51a67

  • SHA256

    55a5267351081e3fddf8d46b8bfdf34b1a46661e49647923535c6fc122b23262

  • SHA512

    8539d71897ebde2fd803ad7fc2a663668c2f6b7b2d1ebd32d705e760ab3c732bf0984e208f6e40f6d79b94eedc1dfbb2b69508f8dcbbd8656d76a6ee475ea60c

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
