buer | 030af453e0140f45b22c9e2fa1dc1441371e55455e4d207eaed78229800ff6b7 | Triage

Submit
Reports

Overview

overview

Static

static

8

120 seconds - Win. 10

windows10_x64

Sharing

General

Target

Invoice.xls
Size

254KB
Sample

210202-wny6hscxfn
MD5

32d28b4f61d985d50cf9beb53cee4ad7
SHA1

e5abe4cfd0b9b23f7e3cf35a9df676d202d27887
SHA256

030af453e0140f45b22c9e2fa1dc1441371e55455e4d207eaed78229800ff6b7
SHA512

e446f74d80fb3b64b1666f92259e8ad5cdb810e97215520d747e8dd49cb884a6aaffd185e90f68a67fc37feab0b409c0f4b8c8cfbe680d6fd316ff5d8f228f8c

Score

10^/10

buer loader macro xlm

Static task

static1

Behavioral task

behavioral1

Sample

Invoice.xls

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

tokacpebanking.com

Targets

- Target
  
  Invoice.xls
- Size
  
  254KB
- MD5
  
  32d28b4f61d985d50cf9beb53cee4ad7
- SHA1
  
  e5abe4cfd0b9b23f7e3cf35a9df676d202d27887
- SHA256
  
  030af453e0140f45b22c9e2fa1dc1441371e55455e4d207eaed78229800ff6b7
- SHA512
  
  e446f74d80fb3b64b1666f92259e8ad5cdb810e97215520d747e8dd49cb884a6aaffd185e90f68a67fc37feab0b409c0f4b8c8cfbe680d6fd316ff5d8f228f8c
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy