buer | a1bdc2ca2e359ac7d5c26afb3cd89bb39285b8a8acc5876e691ceb4ba807b704 | Triage

Submit
Reports

Overview

overview

Static

static

Electronic...52.exe

windows7_x64

Electronic...52.exe

windows10_x64

Sharing

General

Target

Electronic_Tracking_INV_#9836582365728523752.exe
Size

245KB
Sample

200811-wzavn447yn
MD5

64f86981c7450dfd2c3915f213fc6720
SHA1

5410d0e8569f0936b32de3199e8a187d6227fc1f
SHA256

a1bdc2ca2e359ac7d5c26afb3cd89bb39285b8a8acc5876e691ceb4ba807b704
SHA512

02e9e2e41a96a4e0279de44c5cdd7c18a4d08966e0e2ba9979d929f0fa5a902db1ceb3f2eb8a73d97725eed917f9e57d11999a0218f3f286908bf7e731931b22

Score

10^/10

buer loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

Electronic_Tracking_INV_#9836582365728523752.exe

Resource

win7

buer loader persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Electronic_Tracking_INV_#9836582365728523752.exe

Resource

win10v200722

buer loader persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

https://specialhosting.ga/

Targets

- Target
  
  Electronic_Tracking_INV_#9836582365728523752.exe
- Size
  
  245KB
- MD5
  
  64f86981c7450dfd2c3915f213fc6720
- SHA1
  
  5410d0e8569f0936b32de3199e8a187d6227fc1f
- SHA256
  
  a1bdc2ca2e359ac7d5c26afb3cd89bb39285b8a8acc5876e691ceb4ba807b704
- SHA512
  
  02e9e2e41a96a4e0279de44c5cdd7c18a4d08966e0e2ba9979d929f0fa5a902db1ceb3f2eb8a73d97725eed917f9e57d11999a0218f3f286908bf7e731931b22
Score

10^/10

buer loader persistence
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Modifies WinLogon for persistence
  persistence
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistence

behavioral2

buerloaderpersistence

© 2018-2024

Terms | Privacy