buer | f459e7a89013e13b394e055fc95f5bbdad0e48a09a1ca8761874360d13acb8a2

Analysis

Score

10^/10

buer loader

Family

buer

officewestunionbank.com

bankcreditsign.com

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral2/memory/496-4-0x0000000040000000-0x0000000040009000-memory.dmp	buer
behavioral2/memory/496-3-0x0000000000030000-0x0000000000037000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\km1fe.exe
"C:\Users\Admin\AppData\Local\Temp\km1fe.exe"
1⤵
PID:496

memory/496-2-0x00000000006E0000-0x00000000006E1000-memory.dmp

Filesize
4KB

Download
memory/496-4-0x0000000040000000-0x0000000040009000-memory.dmp

Filesize
36KB

Download
memory/496-3-0x0000000000030000-0x0000000000037000-memory.dmp

Filesize
28KB

Download