taurus | 42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20 | Triage

Submit
Reports

Overview

overview

Static

static

42d5c8c21c...20.exe

windows7-x64

42d5c8c21c...20.exe

windows10-2004-x64

Sharing

General

Target

42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20
Size

869KB
Sample

230129-ybgmrace41
MD5

727be7b61ca42c59142a37ea2a05bfb2
SHA1

efdbcb00185dd49538473dd3ceae33b9bd6d618a
SHA256

42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20
SHA512

a45a73892522bf3050f072baf973ec55da4b7b7ed2ac3b1832e54a96caf107c7410d6d006a5528034981adf3922e8273c60af2ed3e441891d8263dbdae52c0cb
SSDEEP

12288:DNbrMUF8Gxf2l9iGv+nhoVMYB82OncXmONbrMUF8Gxf:xhmCgiGv+nhW82OnUhmC

Score

10^/10

taurus spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20.exe

Resource

win7-20221111-en

taurus spyware stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20.exe

Resource

win10v2004-20221111-en

taurus spyware stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20
- Size
  
  869KB
- MD5
  
  727be7b61ca42c59142a37ea2a05bfb2
- SHA1
  
  efdbcb00185dd49538473dd3ceae33b9bd6d618a
- SHA256
  
  42d5c8c21c595230a1b3f5555cda9acfdd04ff0c8819468ebb5a7d5763887d20
- SHA512
  
  a45a73892522bf3050f072baf973ec55da4b7b7ed2ac3b1832e54a96caf107c7410d6d006a5528034981adf3922e8273c60af2ed3e441891d8263dbdae52c0cb
- SSDEEP
  
  12288:DNbrMUF8Gxf2l9iGv+nhoVMYB82OncXmONbrMUF8Gxf:xhmCgiGv+nhW82OnUhmC
Score

10^/10

taurus spyware stealer trojan
- Taurus Stealer
  Taurus is an infostealer first seen in June 2020.
  trojan stealer taurus
- Taurus Stealer payload
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

taurusspywarestealertrojan

behavioral2

taurusspywarestealertrojan

© 2018-2024

Terms | Privacy