buer | 6eb872c05e3839b491fc9515065fcb0eeb209b3981a1ee3e3140495f907db37c | Triage

Submit
Reports

Overview

overview

Static

static

1

SecuriteIn...19.exe

windows7_x64

SecuriteIn...19.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.MulDrop15.61988.6090.30519
Size

90KB
Sample

201215-nhjrhnp386
MD5

3a94c5b0350d50bf1485156e75a82ded
SHA1

782da73b0165597dace21d0fcf3bd5cf54716d2e
SHA256

6eb872c05e3839b491fc9515065fcb0eeb209b3981a1ee3e3140495f907db37c
SHA512

4944810f8bbfdbeda95cbede4389ebcf020dd2030aaf0bbfe4e393d9cc52511077fa00963039104b60c52ac3f1027a3e20a4b80dd44e6cbe13bc4e1028fad7fa

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.MulDrop15.61988.6090.30519.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.MulDrop15.61988.6090.30519.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

ujinkesbank.com

Targets

- Target
  
  SecuriteInfo.com.Trojan.MulDrop15.61988.6090.30519
- Size
  
  90KB
- MD5
  
  3a94c5b0350d50bf1485156e75a82ded
- SHA1
  
  782da73b0165597dace21d0fcf3bd5cf54716d2e
- SHA256
  
  6eb872c05e3839b491fc9515065fcb0eeb209b3981a1ee3e3140495f907db37c
- SHA512
  
  4944810f8bbfdbeda95cbede4389ebcf020dd2030aaf0bbfe4e393d9cc52511077fa00963039104b60c52ac3f1027a3e20a4b80dd44e6cbe13bc4e1028fad7fa
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy