General

  • Target

    Preview.exe

  • Size

    577KB

  • Sample

    200923-vt4hm22mjj

  • MD5

    50d70228e09abf06f3e7f41b9e1295cb

  • SHA1

    9e3adaba7dc1092c610c8da7b27b11afc11ddc3d

  • SHA256

    bee606dfb763d8d5a648fed649cfb1b8d5a62ac3143a3583634cccc305f26422

  • SHA512

    57a6a7bca8c43e506b8c80f2c31a467ec519a6375a5dfbfa619034d832ad1c340db8fae1483be1fbafdb9e460996a2f6b381fa3bb3f9ea151cf7f87b9bc8ce52

Score
10/10

Malware Config

Extracted

Family

buer

C2

https://178.62.46.155/

Targets

    • Target

      Preview.exe

    • Buer

      Buer is a new modular loader first seen in August 2019.

    • Buer Loader

      Detects Buer loader in memory or disk.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
