Overview

overview

10

Static

static

a91b3d9145...52.exe

windows7_x64

10

a91b3d9145...52.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a91b3d9145212348534c3c034dbab63222a6c9f4486b91e9e2ed839a189be752

  • Size

    253KB

  • Sample

    220427-ss5g9aehak

  • MD5

    cec0e3b18affd7e948715d0e0800743e

  • SHA1

    5661c94fc13b5ad409921fc04f01edf1073e12ee

  • SHA256

    a91b3d9145212348534c3c034dbab63222a6c9f4486b91e9e2ed839a189be752

  • SHA512

    259dfb416ac0a340bf3eb47c44e87668ff3a383a386e190c09bcd9b625f1254743c119dd037b3bfbdda862d5140c57a60b67df14eb3228c2535ef11adef858e3

Score
10/10
taurusdiscoveryspywarestealertrojan

Malware Config

Targets

    • Target

      a91b3d9145212348534c3c034dbab63222a6c9f4486b91e9e2ed839a189be752

    • Size

      253KB

    • MD5

      cec0e3b18affd7e948715d0e0800743e

    • SHA1

      5661c94fc13b5ad409921fc04f01edf1073e12ee

    • SHA256

      a91b3d9145212348534c3c034dbab63222a6c9f4486b91e9e2ed839a189be752

    • SHA512

      259dfb416ac0a340bf3eb47c44e87668ff3a383a386e190c09bcd9b625f1254743c119dd037b3bfbdda862d5140c57a60b67df14eb3228c2535ef11adef858e3

    Score
    10/10
    taurusdiscoveryspywarestealertrojan

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

      trojanstealertaurus

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks