buer | 711a05c2b42db93458407fc8d81cdd8d5c92a5cf44e5cab4e9ca58f5267d3cab | Triage

Submit
Reports

Overview

overview

Static

static

Notice-Del...0.xlsm

windows7_x64

Notice-Del...0.xlsm

windows10_x64

Sharing

General

Target

Notice-Delivery2020.xlsm
Size

430KB
Sample

201211-k4cjmrwa4n
MD5

0b49c3bd2479bed644ee5f0a21bdeabb
SHA1

2f63381e01e5c6c2dd0b2759a645c7aae6019a49
SHA256

711a05c2b42db93458407fc8d81cdd8d5c92a5cf44e5cab4e9ca58f5267d3cab
SHA512

9d3b2e7d253b18a3cdcd05f908c8826e33401bb34ece07d42f0ee0f53b5f9d1a66f85459990bdf43401a8970e9d4cbe5c482f2578fcbec9994dbebaacb95a459

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

Notice-Delivery2020.xlsm

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Notice-Delivery2020.xlsm

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

heartprogseds.com

Targets

- Target
  
  Notice-Delivery2020.xlsm
- Size
  
  430KB
- MD5
  
  0b49c3bd2479bed644ee5f0a21bdeabb
- SHA1
  
  2f63381e01e5c6c2dd0b2759a645c7aae6019a49
- SHA256
  
  711a05c2b42db93458407fc8d81cdd8d5c92a5cf44e5cab4e9ca58f5267d3cab
- SHA512
  
  9d3b2e7d253b18a3cdcd05f908c8826e33401bb34ece07d42f0ee0f53b5f9d1a66f85459990bdf43401a8970e9d4cbe5c482f2578fcbec9994dbebaacb95a459
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy