General

  • Target

    servises.exe

  • Size

    84KB

  • Sample

    201215-jy4afv5t8s

  • MD5

    a61dd95d2cc4906965584bb254dcabfb

  • SHA1

    e0fb69709c4d5b98f53d4f146c706529f3a9a4fe

  • SHA256

    110832d77e7e042955d0bee350f739c3348b3c67ca6f690f02a487d28aefaff4

  • SHA512

    92cd8dda86441c98c1ad8891d2a63feea50f5bae4a7c5d82f152780b2bf84c78da222fbed9f6b62deba015e9b63fe6962a76f92b9fab61c19cfb2f7890de183b

Score
10/10

Malware Config

Extracted

Family

buer

C2

softwareconsbank.com

Targets

    • Target

      servises.exe

    • Buer

      Buer is a new modular loader first seen in August 2019.

    • Buer Loader

      Detects Buer loader in memory or on disk.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
