buer | 9cd888fa0692f8d0ca69548532ae72171b426d0e9d8b3b46acdbbe7636d653da | Triage

Submit
Reports

Overview

overview

Static

static

1

form.txt.exe

windows7_x64

form.txt.exe

windows10_x64

Sharing

General

Target

form.txt.exe
Size

123KB
Sample

210203-vd5bpvh8v6
MD5

cb80d26975639b66bb5ecd1f90e623ed
SHA1

95c973e9aad17101b29bd195f9c4624922d987ee
SHA256

9cd888fa0692f8d0ca69548532ae72171b426d0e9d8b3b46acdbbe7636d653da
SHA512

2adf13898114f0a2ebe3b8d279ae3dbc6693db4b44ac7a35ca9e61064caf77edbcbc6b4389542529d74d8347752b7ea00ea969ad7cc8ba6fa5dc0def31f32040

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

form.txt.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

form.txt.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

officewestbankingconc.com

Targets

- Target
  
  form.txt.exe
- Size
  
  123KB
- MD5
  
  cb80d26975639b66bb5ecd1f90e623ed
- SHA1
  
  95c973e9aad17101b29bd195f9c4624922d987ee
- SHA256
  
  9cd888fa0692f8d0ca69548532ae72171b426d0e9d8b3b46acdbbe7636d653da
- SHA512
  
  2adf13898114f0a2ebe3b8d279ae3dbc6693db4b44ac7a35ca9e61064caf77edbcbc6b4389542529d74d8347752b7ea00ea969ad7cc8ba6fa5dc0def31f32040
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy