buer | 0b750c8206c470821e39e5250820a8076dba4d037eb98adee00ea865b97bb8e1 | Triage

Resubmissions

10-03-2021 13:13

210310-zcbmv5tsq2 10

10-03-2021 12:23

210310-g18h95pxda 10

10-03-2021 11:45

210310-wzjwq2ky3a 10

Sharing

General

Target

page.icore
Size

152KB
Sample

210310-zcbmv5tsq2
MD5

3b9b37a405585d0625ab124c5a9f0eb6
SHA1

36ca288cbaa7ffd064879a2cf0e148f9419993bf
SHA256

0b750c8206c470821e39e5250820a8076dba4d037eb98adee00ea865b97bb8e1
SHA512

bb9d1ac61c37ba428a6d44911508344680c176b61cc899fb63512a68fa9e99146cb027f06474fdc0c0ed0fd9cd4ae407250c8580effaee684afa0873137475e5

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

hefuaqbanking.com

Targets

- Target
  
  page.icore
- Size
  
  152KB
- MD5
  
  3b9b37a405585d0625ab124c5a9f0eb6
- SHA1
  
  36ca288cbaa7ffd064879a2cf0e148f9419993bf
- SHA256
  
  0b750c8206c470821e39e5250820a8076dba4d037eb98adee00ea865b97bb8e1
- SHA512
  
  bb9d1ac61c37ba428a6d44911508344680c176b61cc899fb63512a68fa9e99146cb027f06474fdc0c0ed0fd9cd4ae407250c8580effaee684afa0873137475e5
Score

10^/10

buer loader
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1