General

  • Target

    4beed1cd6beb1942789697fe6b60704916d40fa3b4fe5fff277a1912ab44eead

  • Size

    432KB

  • Sample

    220330-brdjpsabaq

  • MD5

    5c0cb0989991831b0d96c3e0d9bd20e5

  • SHA1

    9fe24402c6631db536f344512b1e677ca4ca5616

  • SHA256

    4beed1cd6beb1942789697fe6b60704916d40fa3b4fe5fff277a1912ab44eead

  • SHA512

    d9ca45712d6edb9397f7331641249cc765c3b00a271259bb0c2b5a0d3cd66ed0571399a4d6cb132b0b2d8fd69f0d4f980562898eb28bb3c768e47384f695664d

Targets

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
