buer | eb9ed562ea848b9b3901a0d9cb2f9793115ba6dad9b2bf3929f75f9358ed2c23 | Triage

Submit
Reports

Overview

overview

Static

static

1

8754076d6e...81.exe

windows7_x64

8754076d6e...81.exe

windows10_x64

Sharing

General

Target

8754076d6e5fb4209c4a703eac804881.exe
Size

86KB
Sample

201216-x2sz67ldc6
MD5

8754076d6e5fb4209c4a703eac804881
SHA1

ad4bc65f8cbae9adc33792bb7115342562cf11d0
SHA256

eb9ed562ea848b9b3901a0d9cb2f9793115ba6dad9b2bf3929f75f9358ed2c23
SHA512

501ee70850266006fd6c43b5042241e007beb7b1463e46f453ca50e63efa2099bd2452d7979003cc9c66431cc1a9609bdb261617ea8c6c368ea6987b4f025fe6

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

8754076d6e5fb4209c4a703eac804881.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8754076d6e5fb4209c4a703eac804881.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

softwareconsbank.com

Targets

- Target
  
  8754076d6e5fb4209c4a703eac804881.exe
- Size
  
  86KB
- MD5
  
  8754076d6e5fb4209c4a703eac804881
- SHA1
  
  ad4bc65f8cbae9adc33792bb7115342562cf11d0
- SHA256
  
  eb9ed562ea848b9b3901a0d9cb2f9793115ba6dad9b2bf3929f75f9358ed2c23
- SHA512
  
  501ee70850266006fd6c43b5042241e007beb7b1463e46f453ca50e63efa2099bd2452d7979003cc9c66431cc1a9609bdb261617ea8c6c368ea6987b4f025fe6
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy