General

  • Target

    dc834af94d4cba3391bcd4b6537b8b9f

  • Size

    939KB

  • Sample

    231228-nv4xaacdd3

  • MD5

    dc834af94d4cba3391bcd4b6537b8b9f

  • SHA1

    7b238266576ba6d7340f340f168d3695018e9658

  • SHA256

    70a99ba0d7f5480712d328df4fbee1b292785672ca182eb470cc24ee2aefa2e2

  • SHA512

    103eb5eaf0af283ccd0e8167dc7468386f3ec032d7420b6a63630ce0259b1282ddf2408a0aa744af7e39d3e05e050b47a8514c5504e0485dab3e431943b6ee27

  • SSDEEP

    6144:D1f6vg7Sq49hmWdQ++WD+z91pC+MmA506FF1ZYN7EEpLdJF+UYELYGcJg65H0d9O:D1fzSzkq0z91p1MmAjPANbrMUF8Gxf

Malware Config

Targets

    • Target

      dc834af94d4cba3391bcd4b6537b8b9f

    • Size

      939KB

    • MD5

      dc834af94d4cba3391bcd4b6537b8b9f

    • SHA1

      7b238266576ba6d7340f340f168d3695018e9658

    • SHA256

      70a99ba0d7f5480712d328df4fbee1b292785672ca182eb470cc24ee2aefa2e2

    • SHA512

      103eb5eaf0af283ccd0e8167dc7468386f3ec032d7420b6a63630ce0259b1282ddf2408a0aa744af7e39d3e05e050b47a8514c5504e0485dab3e431943b6ee27

    • SSDEEP

      6144:D1f6vg7Sq49hmWdQ++WD+z91pC+MmA506FF1ZYN7EEpLdJF+UYELYGcJg65H0d9O:D1fzSzkq0z91p1MmAjPANbrMUF8Gxf

    • Taurus Stealer

      Taurus is an infostealer first seen in June 2020.

    • Taurus Stealer payload

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses 2FA software files, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks