buer | 6c7f43434e5db8703c0a47dedeeab976159d8704bfbe2e4ff65405f38d508e9d | Triage

Resubmissions

29-09-2020 07:25

200929-5b9lsc36cj 6

23-09-2020 06:28

200923-xa32lpxv26 10

Analysis

max time kernel
2s
max time network
16s
platform
windows7_x64
resource
win7
submitted
23-09-2020 06:28

Sharing

Report Analysis Logs

General

Target

6c7f43434e5db8703c0a47dedeeab976159d8704bfbe2e4ff65405f38d508e9d.exe
Size

598KB
MD5

8b44470c7ff69ae671ff6e04550ee15f
SHA1

123f9a7487cd0fdd772f0e7bb19e70d1ee3a32e7
SHA256

6c7f43434e5db8703c0a47dedeeab976159d8704bfbe2e4ff65405f38d508e9d
SHA512

0e03e5895bd406ed61c6e5343e184eb5a86d4ee1b195b35be88fea4fee4508b0a525725ec92971f2c0bc1a929d4dda1f0853bc576071cdefef8adb1a5f45e0de

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

https://104.248.83.13/

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral1/memory/1156-0-0x0000000000240000-0x000000000024F000-memory.dmp	buer
behavioral1/memory/1156-1-0x0000000040000000-0x000000004000C000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\6c7f43434e5db8703c0a47dedeeab976159d8704bfbe2e4ff65405f38d508e9d.exe
"C:\Users\Admin\AppData\Local\Temp\6c7f43434e5db8703c0a47dedeeab976159d8704bfbe2e4ff65405f38d508e9d.exe"
1⤵
PID:1156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1156-0-0x0000000000240000-0x000000000024F000-memory.dmp

Filesize
60KB

Download
memory/1156-1-0x0000000040000000-0x000000004000C000-memory.dmp

Filesize
48KB

Download