buer | 25840b76b6cf2762898086cd4b62e556bedb9ffcff1a565bad872662c2e5bb36 | Triage

Submit
Reports

Overview

overview

Static

static

independen...al.jar

windows7_x64

1

independen...al.jar

windows10_x64

Resubmissions

12-02-2021 17:46

210212-qj1pxv26za 10

12-02-2021 13:49

210212-qh2m1q4eyx 10

Sharing

General

Target

independent_appraisal.jar
Size

6KB
Sample

210212-qj1pxv26za
MD5

e94dbabc70b4396b39d3a3d3e53cf85b
SHA1

bc6f6267313c0a768ed3f8f92f90c1f105cbd949
SHA256

25840b76b6cf2762898086cd4b62e556bedb9ffcff1a565bad872662c2e5bb36
SHA512

fb2eb9aeb02d111c23cdb61f668affcfb3e847159ce8a158ed39e2f136b9993f8dc68ddbd649d8f13f75ced7f7499c6410861daa1fde8fb15c010c6ccd2f3582

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

independent_appraisal.jar

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

independent_appraisal.jar

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

antipublicwestbank.com

Targets

- Target
  
  independent_appraisal.jar
- Size
  
  6KB
- MD5
  
  e94dbabc70b4396b39d3a3d3e53cf85b
- SHA1
  
  bc6f6267313c0a768ed3f8f92f90c1f105cbd949
- SHA256
  
  25840b76b6cf2762898086cd4b62e556bedb9ffcff1a565bad872662c2e5bb36
- SHA512
  
  fb2eb9aeb02d111c23cdb61f668affcfb3e847159ce8a158ed39e2f136b9993f8dc68ddbd649d8f13f75ced7f7499c6410861daa1fde8fb15c010c6ccd2f3582
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy