buer | 9cd888fa0692f8d0ca69548532ae72171b426d0e9d8b3b46acdbbe7636d653da | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

form.txt.exe

windows7_x64

form.txt.exe

windows10_x64

Sharing

General

Target

form.txt.exe
Size

123KB
Sample

210203-vd5bpvh8v6
MD5

cb80d26975639b66bb5ecd1f90e623ed
SHA1

95c973e9aad17101b29bd195f9c4624922d987ee
SHA256

9cd888fa0692f8d0ca69548532ae72171b426d0e9d8b3b46acdbbe7636d653da
SHA512

2adf13898114f0a2ebe3b8d279ae3dbc6693db4b44ac7a35ca9e61064caf77edbcbc6b4389542529d74d8347752b7ea00ea969ad7cc8ba6fa5dc0def31f32040

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

form.txt.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

form.txt.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

officewestbankingconc.com

Targets

- Target
  
  form.txt.exe
- Size
  
  123KB
- MD5
  
  cb80d26975639b66bb5ecd1f90e623ed
- SHA1
  
  95c973e9aad17101b29bd195f9c4624922d987ee
- SHA256
  
  9cd888fa0692f8d0ca69548532ae72171b426d0e9d8b3b46acdbbe7636d653da
- SHA512
  
  2adf13898114f0a2ebe3b8d279ae3dbc6693db4b44ac7a35ca9e61064caf77edbcbc6b4389542529d74d8347752b7ea00ea969ad7cc8ba6fa5dc0def31f32040
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.