buer | c1dde6f1868423ec25b5d3640840ce4372426bef5ea6f3e59d0f732f4b7222d2 | Triage

Analysis

max time kernel
3s
max time network
11s
platform
windows7_x64
resource
win7v20201028
submitted
28-01-2021 18:31

Sharing

Report Analysis Logs

General

Target

c1dde6f1868423ec25b5d3640840ce4372426bef5ea6f3e59d0f732f4b7222d2.bin.exe
Size

236KB
MD5

c740bdab4e7f09140d91c235867b5b4f
SHA1

00d14e220ca5897577a4c5ff2ce140698f501f03
SHA256

c1dde6f1868423ec25b5d3640840ce4372426bef5ea6f3e59d0f732f4b7222d2
SHA512

76fe7df5bf5264911bf4a94e10475d815217093427fe4c5cb13220c983f91ceac073d565f800ce9431208d7096995755f492d98651d4fc8c9bd5dadd8975fecd

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

jerryskaxtebilling.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral1/memory/1724-3-0x00000000001B0000-0x00000000001B8000-memory.dmp	buer
behavioral1/memory/1724-4-0x0000000040000000-0x000000004000A000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\c1dde6f1868423ec25b5d3640840ce4372426bef5ea6f3e59d0f732f4b7222d2.bin.exe
"C:\Users\Admin\AppData\Local\Temp\c1dde6f1868423ec25b5d3640840ce4372426bef5ea6f3e59d0f732f4b7222d2.bin.exe"
1⤵
PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1724-2-0x0000000001D60000-0x0000000001D71000-memory.dmp

Filesize
68KB

Download
memory/1724-3-0x00000000001B0000-0x00000000001B8000-memory.dmp

Filesize
32KB

Download
memory/1724-4-0x0000000040000000-0x000000004000A000-memory.dmp

Filesize
40KB

Download