buer | 45cc417aeb30d7aaba675077c10f70d66ee9b1b8b4820f0469221f0a87fe9545 | Triage

Submit
Reports

Overview

overview

Static

static

Invoice.xlsb

windows7_x64

Invoice.xlsb

windows10_x64

Sharing

General

Target

Invoice.xlsb
Size

155KB
Sample

201215-pamdz1smme
MD5

18cb83fa82fb14788d5a1cbafcd9bb28
SHA1

4b61151831eedeb225166c30c2e2b555c9e5b5d0
SHA256

45cc417aeb30d7aaba675077c10f70d66ee9b1b8b4820f0469221f0a87fe9545
SHA512

123acdaeb7baeb1bfe5284a70d920f692ff97927fe05cbbf56b029c93684aea5429c7e619a8a3ea2e55136d8398777f0e0b134cfe27e61b92acda0acf3ec5b4e

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

Invoice.xlsb

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Invoice.xlsb

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

softwareconsbank.com

Targets

- Target
  
  Invoice.xlsb
- Size
  
  155KB
- MD5
  
  18cb83fa82fb14788d5a1cbafcd9bb28
- SHA1
  
  4b61151831eedeb225166c30c2e2b555c9e5b5d0
- SHA256
  
  45cc417aeb30d7aaba675077c10f70d66ee9b1b8b4820f0469221f0a87fe9545
- SHA512
  
  123acdaeb7baeb1bfe5284a70d920f692ff97927fe05cbbf56b029c93684aea5429c7e619a8a3ea2e55136d8398777f0e0b134cfe27e61b92acda0acf3ec5b4e
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy