buer | c1a1988e6f043d0e73c9555ccaad2adb3683c22b0569fc0f6be24c3e4f8c82ff | Triage

Resubmissions

26-01-2021 19:10

210126-s9mbhrjkye 10

26-01-2021 18:38

210126-wq8yb2fmb2 10

Sharing

General

Target

font.tiff.exe
Size

235KB
Sample

210126-s9mbhrjkye
MD5

cc0631f2ca59175c237e7fba06a7d533
SHA1

0c93576aeee786b1ef8818a56653d4c0e41a67df
SHA256

c1a1988e6f043d0e73c9555ccaad2adb3683c22b0569fc0f6be24c3e4f8c82ff
SHA512

d33b7ecd31f69e230c33dd3a86cc337c62870630c95e679d504a22779e9c57715754b58587f53e758e2becd0eef4bcf26d41d9a5ac1e6f42b961c84cc92bc918

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

hetaskosupportcenter.com

Targets

- Target
  
  font.tiff.exe
- Size
  
  235KB
- MD5
  
  cc0631f2ca59175c237e7fba06a7d533
- SHA1
  
  0c93576aeee786b1ef8818a56653d4c0e41a67df
- SHA256
  
  c1a1988e6f043d0e73c9555ccaad2adb3683c22b0569fc0f6be24c3e4f8c82ff
- SHA512
  
  d33b7ecd31f69e230c33dd3a86cc337c62870630c95e679d504a22779e9c57715754b58587f53e758e2becd0eef4bcf26d41d9a5ac1e6f42b961c84cc92bc918
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1