General

  • Target

    d0b8e002997a8fed4ec8ec7996a4c7fabd360a7119d388c632d00ff1405269a6

  • Size

    22KB

  • Sample

    210202-pqk6g2tkjn

  • MD5

    1c3fd3a47171b6312cb28d996da0a0d9

  • SHA1

    7e53bcbf99a3d164431b0318fe4ccb8cfe7da40a

  • SHA256

    d0b8e002997a8fed4ec8ec7996a4c7fabd360a7119d388c632d00ff1405269a6

  • SHA512

    762c3d63fa49f972e4e37b0be9627575f24f9527960450f640835c06b72909a9237aac749adf6b77a52790f17358106887d6cb630a196727d00ef113daf05892

Score
10/10

Malware Config

Extracted

Family

buer

C2

http://95.216.251.221:8080/

Targets

    • Target

      d0b8e002997a8fed4ec8ec7996a4c7fabd360a7119d388c632d00ff1405269a6

    • Buer

      Buer is a new modular loader first seen in August 2019.

    • Buer Loader

      Detects Buer loader in memory or disk.

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application
