buer | a9ec36c1b7687d5436007f2640795702ec68b69a67561f94e8507857eb1971cd | Triage

Submit
Reports

Overview

overview

Static

static

1

OfficeDocument.exe

windows7_x64

OfficeDocument.exe

windows10_x64

Sharing

General

Target

OfficeDocument.exe
Size

277KB
Sample

210305-5rr354ayej
MD5

50991ebb9f7b1eb055901dc643bf50c5
SHA1

366e13a36809fef35d12e46b3f14ce950de6a7c0
SHA256

a9ec36c1b7687d5436007f2640795702ec68b69a67561f94e8507857eb1971cd
SHA512

3b5388273e490433b9bef0c445dccb628c89be7568effe0bc3f709f3f1bb021f1881846ddc96831a201b74246be87c6404acaebe9f20be6d19b74797f0a903f0

Score

10^/10

buer loader

Static task

static1

Behavioral task

behavioral1

Sample

OfficeDocument.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

OfficeDocument.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

officesecuredocapi.com

Targets

- Target
  
  OfficeDocument.exe
- Size
  
  277KB
- MD5
  
  50991ebb9f7b1eb055901dc643bf50c5
- SHA1
  
  366e13a36809fef35d12e46b3f14ce950de6a7c0
- SHA256
  
  a9ec36c1b7687d5436007f2640795702ec68b69a67561f94e8507857eb1971cd
- SHA512
  
  3b5388273e490433b9bef0c445dccb628c89be7568effe0bc3f709f3f1bb021f1881846ddc96831a201b74246be87c6404acaebe9f20be6d19b74797f0a903f0
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy