buer | 4960851790cc6835c45a5c0e80abc69fd827d47ca81ff85af49f04c57f9346f6 | Triage

Analysis

max time kernel
134s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
07-03-2022 10:33

Sharing

Report Analysis Logs

General

Target

4960851790cc6835c45a5c0e80abc69fd827d47ca81ff85af49f04c57f9346f6.exe
Size

169KB
MD5

6a114e31869cccf7654a89288dd17991
SHA1

4825cf2265c9e866d14517d004c269979a356126
SHA256

4960851790cc6835c45a5c0e80abc69fd827d47ca81ff85af49f04c57f9346f6
SHA512

59494e0038dfd1823b27378099767a18f9b14146b696f7be2d62adcd17f84abcea338531593b3a237484a409352825e374c77b459ceacddc674ebe457f96e73f

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

officewestunionbank.com

bankcreditsign.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral2/memory/2388-132-0x0000000000550000-0x0000000000557000-memory.dmp	buer
behavioral2/memory/2388-133-0x0000000040000000-0x00000000404BA000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\4960851790cc6835c45a5c0e80abc69fd827d47ca81ff85af49f04c57f9346f6.exe
"C:\Users\Admin\AppData\Local\Temp\4960851790cc6835c45a5c0e80abc69fd827d47ca81ff85af49f04c57f9346f6.exe"
1⤵
PID:2388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2388-130-0x00000000005C8000-0x00000000005CE000-memory.dmp

Filesize
24KB

Download
memory/2388-131-0x00000000005C8000-0x00000000005CE000-memory.dmp

Filesize
24KB

Download
memory/2388-132-0x0000000000550000-0x0000000000557000-memory.dmp

Filesize
28KB

Download
memory/2388-133-0x0000000040000000-0x00000000404BA000-memory.dmp

Filesize
4.7MB

Download