buer | 87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae | Triage

Submit
Reports

Overview

overview

Static

static

87d4ae3570...ae.exe

windows7_x64

87d4ae3570...ae.exe

windows10_x64

Sharing

General

Target

87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae
Size

35KB
Sample

201110-84vrz1nama
MD5

69c7b8274b687875a08b20311147a9dd
SHA1

9ab047d53100e007c1ef89a0769a949d83d39367
SHA256

87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae
SHA512

fb13c89282524ec99e339d6d94d4fdb8f9e29d39fc72881937229737b7b90b1e3f27652f1e2c16975b08cdd70213dbc8fd092dc37e274dad0a2723dfbcbadd33

Score

10^/10

buer loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae.exe

Resource

win7v20201028

buer loader persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae.exe

Resource

win10v20201028

buer loader persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

https://free-soft.cc/

https://free-pc-soft.cc/

Targets

- Target
  
  87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae
- Size
  
  35KB
- MD5
  
  69c7b8274b687875a08b20311147a9dd
- SHA1
  
  9ab047d53100e007c1ef89a0769a949d83d39367
- SHA256
  
  87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae
- SHA512
  
  fb13c89282524ec99e339d6d94d4fdb8f9e29d39fc72881937229737b7b90b1e3f27652f1e2c16975b08cdd70213dbc8fd092dc37e274dad0a2723dfbcbadd33
Score

10^/10

buer loader persistence
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Modifies WinLogon for persistence
  persistence
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistence

behavioral2

buerloaderpersistence

© 2018-2025

Terms | Privacy