rustybuer | c28abaaad1b7b2c7a37f28e974e8214f07c88feffef986e0a60a44ab0fa575aa | Triage

Resubmissions

23-07-2021 19:26

210723-yzn6xtp67e 10

Sharing

General

Target

csrsc.exe
Size

2.0MB
Sample

210723-yzn6xtp67e
MD5

984287b2d5eb06be3bb771f84e3b5ee8
SHA1

c75b5e359169084504a78259fd79f0d1e86a19ef
SHA256

c28abaaad1b7b2c7a37f28e974e8214f07c88feffef986e0a60a44ab0fa575aa
SHA512

412af5359691a2caea5a4e452b9ed2603d31db6306cf1c0b375c5f67400769108bc89c047b080d96e8f647b6fb6a47bfe9d6c6a123a4f27839953cd624e7ff9a

Score

10^/10

rustybuer loader

Malware Config

Extracted

Family

rustybuer

C2

https://shipmentofficedepot.com/

Targets

- Target
  
  csrsc.exe
- Size
  
  2.0MB
- MD5
  
  984287b2d5eb06be3bb771f84e3b5ee8
- SHA1
  
  c75b5e359169084504a78259fd79f0d1e86a19ef
- SHA256
  
  c28abaaad1b7b2c7a37f28e974e8214f07c88feffef986e0a60a44ab0fa575aa
- SHA512
  
  412af5359691a2caea5a4e452b9ed2603d31db6306cf1c0b375c5f67400769108bc89c047b080d96e8f647b6fb6a47bfe9d6c6a123a4f27839953cd624e7ff9a
Score

10^/10

rustybuer loader
- RustyBuer
  RustyBuer is a new variant of Buer loader written in Rust.
  loader rustybuer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rustybuerloader

behavioral2

rustybuerloader