General

  • Target

    b797a47861749b5269ac8853742b0ef7ee5739cc450480c82bafaaa270ed87b7

  • Size

    351KB

  • Sample

    230129-ylkgdsch9y

  • MD5

    08566cf6af0080cc7d2fab254ccb7d8e

  • SHA1

    3d094a64d250c1c67caadc1930d800973ddd8237

  • SHA256

    b797a47861749b5269ac8853742b0ef7ee5739cc450480c82bafaaa270ed87b7

  • SHA512

    e2791a497603738e0180a0be593ab28b3a89e340fe16baf71077184999b5eef2b6b5b7155072e82ae5035f7c2e668f881133d26a91a287129f05cc9373050244

  • SSDEEP

    6144:gCDHU44quM5Vqrq1MtCZx1YfV+n0J0q5q+m2tEaELUTBk8IxWBvO4IwymeAl/:g344jgUrOMtyzSVHfI+vybHBxWlOTwsI

Malware Config

Targets

    • Target

      b797a47861749b5269ac8853742b0ef7ee5739cc450480c82bafaaa270ed87b7

    • Size

      351KB

    • MD5

      08566cf6af0080cc7d2fab254ccb7d8e

    • SHA1

      3d094a64d250c1c67caadc1930d800973ddd8237

    • SHA256

      b797a47861749b5269ac8853742b0ef7ee5739cc450480c82bafaaa270ed87b7

    • SHA512

      e2791a497603738e0180a0be593ab28b3a89e340fe16baf71077184999b5eef2b6b5b7155072e82ae5035f7c2e668f881133d26a91a287129f05cc9373050244

    • SSDEEP

      6144:gCDHU44quM5Vqrq1MtCZx1YfV+n0J0q5q+m2tEaELUTBk8IxWBvO4IwymeAl/:g344jgUrOMtyzSVHfI+vybHBxWlOTwsI

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks