buer | f2a883a0e4b01c72b0f063df3be5a0102e5c8fbaedc39c8d35c632b200599283 | Triage

Submit
Reports

Overview

overview

Static

static

1

footer.exe

windows7_x64

footer.exe

windows10_x64

Sharing

General

Target

footer.exe
Size

281KB
Sample

210302-r6tyl4w3t6
MD5

19ca9bf5eebc9e2f0bd3230f262348fd
SHA1

e8157d7e277ccf04de3476c1845cd597c112786e
SHA256

f2a883a0e4b01c72b0f063df3be5a0102e5c8fbaedc39c8d35c632b200599283
SHA512

636859bd44528e75e5c6c25ad4fce12e0482fdd0de3798c863efbf4326e77db184b1354fc5433672239dee4350a0fc12427acc9a4bedfd17487e96ee5e397d72

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

footer.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

footer.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

verstudiosan.com

Targets

- Target
  
  footer.exe
- Size
  
  281KB
- MD5
  
  19ca9bf5eebc9e2f0bd3230f262348fd
- SHA1
  
  e8157d7e277ccf04de3476c1845cd597c112786e
- SHA256
  
  f2a883a0e4b01c72b0f063df3be5a0102e5c8fbaedc39c8d35c632b200599283
- SHA512
  
  636859bd44528e75e5c6c25ad4fce12e0482fdd0de3798c863efbf4326e77db184b1354fc5433672239dee4350a0fc12427acc9a4bedfd17487e96ee5e397d72
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy