buer | e81d26edffa4b4570584bd1cb36211587108dfbbfc24f303a2c3e261cc3c59c1 | Triage

Submit
Reports

Overview

overview

Static

static

1

SecuriteIn...64.exe

windows7_x64

SecuriteIn...64.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.BuerLoader.1.17897.26464
Size

83KB
Sample

210202-z15vk9ssmn
MD5

f7fc343cbf86f08c7b529ab451677752
SHA1

1ef5d87b03502389362fa7a2aa3931b5e3e34353
SHA256

e81d26edffa4b4570584bd1cb36211587108dfbbfc24f303a2c3e261cc3c59c1
SHA512

c77f3ac253edd3f2bdd23593c098d5de2e4fdeae7f8dadb04a1da49a8d984b4a790a9a0e538eafad7e22075b9f6527cc387dc8c4920f15fcaa09c4048a1e0a37

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.BuerLoader.1.17897.26464.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.BuerLoader.1.17897.26464.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

tokacpebanking.com

Targets

- Target
  
  SecuriteInfo.com.Trojan.BuerLoader.1.17897.26464
- Size
  
  83KB
- MD5
  
  f7fc343cbf86f08c7b529ab451677752
- SHA1
  
  1ef5d87b03502389362fa7a2aa3931b5e3e34353
- SHA256
  
  e81d26edffa4b4570584bd1cb36211587108dfbbfc24f303a2c3e261cc3c59c1
- SHA512
  
  c77f3ac253edd3f2bdd23593c098d5de2e4fdeae7f8dadb04a1da49a8d984b4a790a9a0e538eafad7e22075b9f6527cc387dc8c4920f15fcaa09c4048a1e0a37
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy