General

  • Target

    mudminnows

  • Size

    3.2MB

  • Sample

    210803-vtn7npwxx2

  • MD5

    106b947aa2e8101bff6e3ff0f82bfe95

  • SHA1

    78a381408947f252bcbe170a4223c8a5a64fc11f

  • SHA256

    88689636f4b2287701b63f42c12e7e2387bf4c3ecc45eeb8a61ea707126bad9b

  • SHA512

    da8e58f307b7dfba78a96e1af5a4c9df79040f7d5a1181a08926bd32ff6d782375636882703d4eb6d194876c9aafd8394cde129ba401d66c5079393d84433693

Score
10/10

Malware Config

Extracted

Family

rustybuer

C2

https://cerionetya.com/

Targets

    • Target

      mudminnows

    • Size

      3.2MB

    • MD5

      106b947aa2e8101bff6e3ff0f82bfe95

    • SHA1

      78a381408947f252bcbe170a4223c8a5a64fc11f

    • SHA256

      88689636f4b2287701b63f42c12e7e2387bf4c3ecc45eeb8a61ea707126bad9b

    • SHA512

      da8e58f307b7dfba78a96e1af5a4c9df79040f7d5a1181a08926bd32ff6d782375636882703d4eb6d194876c9aafd8394cde129ba401d66c5079393d84433693

    Score
    10/10
    • RustyBuer

      RustyBuer is a new variant of Buer loader written in Rust.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks