General

  • Target

    4f2c35eb6899ef553b92798363fd8f6c25c8b4eef4218e204910614638aa2ffb.bin

  • Size

    401KB

  • Sample

    220715-gynadaebej

  • MD5

    7e79a9ac1dbbda7d2cd4c90a78395fe7

  • SHA1

    919c526b943618dcd57d798592cc24fdd8d04ba5

  • SHA256

    4f2c35eb6899ef553b92798363fd8f6c25c8b4eef4218e204910614638aa2ffb

  • SHA512

    9dfc7b3fb483a0f59cfc6d97921ba409dc4ce00855d4903f039c35e3336ba4d3368b54d6e4b082a3e6bf1ac431efe0135306a83096de34b1443c8d60799a20a3

Malware Config

Targets

    • Target

      4f2c35eb6899ef553b92798363fd8f6c25c8b4eef4218e204910614638aa2ffb.bin

    • Size

      401KB

    • MD5

      7e79a9ac1dbbda7d2cd4c90a78395fe7

    • SHA1

      919c526b943618dcd57d798592cc24fdd8d04ba5

    • SHA256

      4f2c35eb6899ef553b92798363fd8f6c25c8b4eef4218e204910614638aa2ffb

    • SHA512

      9dfc7b3fb483a0f59cfc6d97921ba409dc4ce00855d4903f039c35e3336ba4d3368b54d6e4b082a3e6bf1ac431efe0135306a83096de34b1443c8d60799a20a3

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks