buer | 553cdc00fc3f98f0aa58936a890cd45cce84cb9ddaeee647459a98a32c2e219d | Triage

Submit
Reports

Overview

overview

Static

static

Notice_Deliv_1.xlsm

windows7_x64

Notice_Deliv_1.xlsm

windows10_x64

Sharing

General

Target

Notice_Deliv_1.xlsm
Size

430KB
Sample

201211-4y7sxhsd7j
MD5

5438405d03af55151af553812a1275cf
SHA1

d00ffc475f4b54ab0a96a494018be43b08fffbf9
SHA256

553cdc00fc3f98f0aa58936a890cd45cce84cb9ddaeee647459a98a32c2e219d
SHA512

073a9c07118e8354d0b435885bb26e8f376b1ed09ac4aa85755eed3901b2c808edeafc895280acb77dc329050be590ff5a5be5f405c8d312e228efeadcd2471a

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

Notice_Deliv_1.xlsm

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Notice_Deliv_1.xlsm

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

heartprogseds.com

Targets

- Target
  
  Notice_Deliv_1.xlsm
- Size
  
  430KB
- MD5
  
  5438405d03af55151af553812a1275cf
- SHA1
  
  d00ffc475f4b54ab0a96a494018be43b08fffbf9
- SHA256
  
  553cdc00fc3f98f0aa58936a890cd45cce84cb9ddaeee647459a98a32c2e219d
- SHA512
  
  073a9c07118e8354d0b435885bb26e8f376b1ed09ac4aa85755eed3901b2c808edeafc895280acb77dc329050be590ff5a5be5f405c8d312e228efeadcd2471a
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy