General
-
Target
d54021cfbb9b4555a56c44b67840144135b7f48db309b9d742ccf2ab905a9ea1
-
Size
300KB
-
Sample
220708-r3rtgaged2
-
MD5
5b2a632e53f1a8dc2c9211232b9d38fa
-
SHA1
35aad39a9b23286492f29e73ff3c52ef2e16ac23
-
SHA256
d54021cfbb9b4555a56c44b67840144135b7f48db309b9d742ccf2ab905a9ea1
-
SHA512
62129b43724e0f19413bf5b1f9a6503e1d1a055c6270f9e00428c09c0127f6582268e061e659643523124cc247c96b6cc51c52b2c86f80f3b0c4643d3a998ff8
Malware Config
Targets
-
-
Target
d54021cfbb9b4555a56c44b67840144135b7f48db309b9d742ccf2ab905a9ea1
-
Size
300KB
-
MD5
5b2a632e53f1a8dc2c9211232b9d38fa
-
SHA1
35aad39a9b23286492f29e73ff3c52ef2e16ac23
-
SHA256
d54021cfbb9b4555a56c44b67840144135b7f48db309b9d742ccf2ab905a9ea1
-
SHA512
62129b43724e0f19413bf5b1f9a6503e1d1a055c6270f9e00428c09c0127f6582268e061e659643523124cc247c96b6cc51c52b2c86f80f3b0c4643d3a998ff8
Score10/10-
Taurus Stealer
Taurus is an infostealer first seen in June 2020.
-
Taurus Stealer payload
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-