independent_appraisal.jar

General
Target

independent_appraisal.jar

Size

6KB

Sample

210212-qj1pxv26za

Score

10/10

MD5

e94dbabc70b4396b39d3a3d3e53cf85b

SHA1

bc6f6267313c0a768ed3f8f92f90c1f105cbd949

SHA256

25840b76b6cf2762898086cd4b62e556bedb9ffcff1a565bad872662c2e5bb36

SHA512

fb2eb9aeb02d111c23cdb61f668affcfb3e847159ce8a158ed39e2f136b9993f8dc68ddbd649d8f13f75ced7f7499c6410861daa1fde8fb15c010c6ccd2f3582

Malware Config

Extracted

Family

buer

C2

antipublicwestbank.com

Signatures

  • Buer

    Description

    Buer is a new modular loader first seen in August 2019.

  • Buer Loader

    Description

    Detects Buer loader in memory or disk.

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

Tasks

static1

behavioral1: 1/10

behavioral2: 10/10