General

  • Target

    https://docs.google.com/document/d/e/2PACX-1vTUh2dspNAMu0_rmKue5u4q84lPLQWmbmjXBluwEMUu3m7OT2WO5jev9uMdGDpP1LCaYJu2YJhfu3Pq/pub

  • Sample

    200922-52a1x6mlcx

Score
10/10

Malware Config

Extracted

Family

buer

C2

https://104.248.83.13/

Targets

    • Target

      https://docs.google.com/document/d/e/2PACX-1vTUh2dspNAMu0_rmKue5u4q84lPLQWmbmjXBluwEMUu3m7OT2WO5jev9uMdGDpP1LCaYJu2YJhfu3Pq/pub

    Score
    10/10
    • Buer

      Buer is a new modular loader first seen in August 2019.

    • Buer Loader

      Detects Buer loader in memory or disk.

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks