buer | 22a04ec533322f6dbf3a1e99bc9094e6ecf2c7ce9bb2bfaa801cf30ed4aa0aba | Triage

Submit
Reports

Overview

overview

Static

static

8

Inv847.xls

windows7_x64

Inv847.xls

windows10_x64

Sharing

General

Target

Inv847.xls
Size

298KB
Sample

210128-ag9l9qfkxe
MD5

5938eec8bed03b1e9f1debc3e949592e
SHA1

fd164563202f9de52c6f0eba819322398efdb14f
SHA256

22a04ec533322f6dbf3a1e99bc9094e6ecf2c7ce9bb2bfaa801cf30ed4aa0aba
SHA512

98b9b5fa2f33ad77d7e3953fa6e571a05b9c28b7ab8c3e5519060f1091e111e168e3124e19b4fc828a8a5d28cdcce795ae553a0200bb01f43c8fb985732e64c5

Score

10^/10

buer loader macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

Inv847.xls

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Inv847.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

http://88.119.175.189/document.ssl

Extracted

Family

buer

C2

randomresultgenerator.com

Targets

- Target
  
  Inv847.xls
- Size
  
  298KB
- MD5
  
  5938eec8bed03b1e9f1debc3e949592e
- SHA1
  
  fd164563202f9de52c6f0eba819322398efdb14f
- SHA256
  
  22a04ec533322f6dbf3a1e99bc9094e6ecf2c7ce9bb2bfaa801cf30ed4aa0aba
- SHA512
  
  98b9b5fa2f33ad77d7e3953fa6e571a05b9c28b7ab8c3e5519060f1091e111e168e3124e19b4fc828a8a5d28cdcce795ae553a0200bb01f43c8fb985732e64c5
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy