Overview

overview

10

Static

static

59d94c21e5...e6.exe

windows7_x64

10

59d94c21e5...e6.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    59d94c21e52c401c323cf8b0e3ba0a688372d617f6001cb9806457f1f89f8ce6

  • Size

    252KB

  • Sample

    220427-svkkvsehfm

  • MD5

    2a2719c90dcbd34d8aa781effa9243c8

  • SHA1

    894cf6fa49a13257dd11811dafb3079227c30566

  • SHA256

    59d94c21e52c401c323cf8b0e3ba0a688372d617f6001cb9806457f1f89f8ce6

  • SHA512

    9cefcee53b17ebbf1129d94805f2c881577abe1ac332b67e3353c56f3ddb0a700c8f3f7a831ff1d6a658e069af7777bfb4df7bca5556b9b08b42fa97af156fd2

Score
10/10
taurusdiscoveryspywarestealertrojan

Malware Config

Targets

    • Target

      59d94c21e52c401c323cf8b0e3ba0a688372d617f6001cb9806457f1f89f8ce6

    • Size

      252KB

    • MD5

      2a2719c90dcbd34d8aa781effa9243c8

    • SHA1

      894cf6fa49a13257dd11811dafb3079227c30566

    • SHA256

      59d94c21e52c401c323cf8b0e3ba0a688372d617f6001cb9806457f1f89f8ce6

    • SHA512

      9cefcee53b17ebbf1129d94805f2c881577abe1ac332b67e3353c56f3ddb0a700c8f3f7a831ff1d6a658e069af7777bfb4df7bca5556b9b08b42fa97af156fd2

    Score
    10/10
    taurusdiscoveryspywarestealertrojan

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

      trojanstealertaurus

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks