Overview

overview

10

Static

static

9fb0bbfedf...83.exe

windows7_x64

10

9fb0bbfedf...83.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9fb0bbfedfcc264a83a8968fce7e9a64df16000921602794f9a68ecb7e4f8783

  • Size

    295KB

  • Sample

    220512-r631xabggj

  • MD5

    1c30e5420d07219610e04bca768ced5e

  • SHA1

    4a15cc924dcbcf33f4ff4a74865128efbbf49883

  • SHA256

    9fb0bbfedfcc264a83a8968fce7e9a64df16000921602794f9a68ecb7e4f8783

  • SHA512

    7b42d1806a9d7b5c16f5d01eaa08074724de68bbe051152eb2650c6ad1b3eb8596579aecb50e351a6d727b90e12019a730b884a5888f3cfb426e7844a0ba0458

Score
10/10
taurusdiscoveryspywarestealertrojan

Malware Config

Targets

    • Target

      9fb0bbfedfcc264a83a8968fce7e9a64df16000921602794f9a68ecb7e4f8783

    • Size

      295KB

    • MD5

      1c30e5420d07219610e04bca768ced5e

    • SHA1

      4a15cc924dcbcf33f4ff4a74865128efbbf49883

    • SHA256

      9fb0bbfedfcc264a83a8968fce7e9a64df16000921602794f9a68ecb7e4f8783

    • SHA512

      7b42d1806a9d7b5c16f5d01eaa08074724de68bbe051152eb2650c6ad1b3eb8596579aecb50e351a6d727b90e12019a730b884a5888f3cfb426e7844a0ba0458

    Score
    10/10
    taurusdiscoveryspywarestealertrojan

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

      trojanstealertaurus

    • Taurus Stealer Payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks