Extracted

• • Target

    Electronic_Tracking_INV_#9836582365728523752.exe

  • Size

    245KB

  • MD5

    64f86981c7450dfd2c3915f213fc6720

  • SHA1

    5410d0e8569f0936b32de3199e8a187d6227fc1f

  • SHA256

    a1bdc2ca2e359ac7d5c26afb3cd89bb39285b8a8acc5876e691ceb4ba807b704

  • SHA512

    02e9e2e41a96a4e0279de44c5cdd7c18a4d08966e0e2ba9979d929f0fa5a902db1ceb3f2eb8a73d97725eed917f9e57d11999a0218f3f286908bf7e731931b22

  Score

  10^/10

  buerloaderpersistence

  • Buer

    Buer is a new modular loader first seen in August 2019.

    loaderbuer

  • Modifies WinLogon for persistence

    persistence

  • Buer Loader

    Detects Buer loader in memory or disk.

  • Executes dropped EXE

  • Deletes itself

  • Suspicious use of SetThreadContext

  behavioral1behavioral2