buer | b0a639215a6ea4dc14ffc7fbc6f3c102605d17008a51de477cb755e35794a8c0 | Triage

Submit
Reports

Overview

overview

Static

static

1

64196c73fd...e5.exe

windows7_x64

64196c73fd...e5.exe

windows10_x64

Sharing

General

Target

64196c73fde1578c805cd9175aab70e5.exe
Size

86KB
Sample

201216-2ep484a91e
MD5

64196c73fde1578c805cd9175aab70e5
SHA1

6b109f1c3844b081edc36ddb65c3a379609a9db9
SHA256

b0a639215a6ea4dc14ffc7fbc6f3c102605d17008a51de477cb755e35794a8c0
SHA512

b752a8cf758540e2bce1bda7799acc4c3d47f9f08f533c70ef924141d1ebf3e18a1bc61afa744e87fd690f990d2d54a30d22c7e70f47c14c43c084d86f6250d1

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

64196c73fde1578c805cd9175aab70e5.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

64196c73fde1578c805cd9175aab70e5.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

softwareconsbank.com

Targets

- Target
  
  64196c73fde1578c805cd9175aab70e5.exe
- Size
  
  86KB
- MD5
  
  64196c73fde1578c805cd9175aab70e5
- SHA1
  
  6b109f1c3844b081edc36ddb65c3a379609a9db9
- SHA256
  
  b0a639215a6ea4dc14ffc7fbc6f3c102605d17008a51de477cb755e35794a8c0
- SHA512
  
  b752a8cf758540e2bce1bda7799acc4c3d47f9f08f533c70ef924141d1ebf3e18a1bc61afa744e87fd690f990d2d54a30d22c7e70f47c14c43c084d86f6250d1
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy