General

  • Target

    7d3f0e26503e3a21c3785314a11d0f5a16ac25164d9e5208c36cb1551ccb5a3d

  • Size

    382KB

  • Sample

    220330-bpy3maaahn

  • MD5

    68607ce4b8d62e602a2895b17bbe7e0b

  • SHA1

    67ed0f2dcb13389c5812ea73411045aec570bf74

  • SHA256

    7d3f0e26503e3a21c3785314a11d0f5a16ac25164d9e5208c36cb1551ccb5a3d

  • SHA512

    fd74b73d99ce38fed02ff7f5494c941aa197b7564e263b0ca42da3fac134a14d1b2fc971385fda075d19842a759ceb4a8a76ed7ad1d382177204086a1e32c3e4

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
