buer | 45f5381bfc1fd61e27eb887ed32bb79ecd9c5b38053a6332a32e1aa4b69ced28 | Triage

Analysis

max time kernel
129s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
09-03-2022 13:23

Sharing

Report Analysis Logs

General

Target

45f5381bfc1fd61e27eb887ed32bb79ecd9c5b38053a6332a32e1aa4b69ced28.exe
Size

152KB
MD5

00371d07d6348c489cc0f8e2a9b2b4ee
SHA1

26ca0881d672714d4b4f43b137515bb2aed4b70b
SHA256

45f5381bfc1fd61e27eb887ed32bb79ecd9c5b38053a6332a32e1aa4b69ced28
SHA512

eb89ad6d68465311589c8f7fab660ccca2add09bfe0da8c2734a3e71f93e10df20c7f915caf21ee26631a9bed8de1fff3b7bd0dd2f7302c78a61dd4a20b78703

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

officewestunionbank.com

bankcreditsign.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral2/memory/3372-132-0x0000000000530000-0x0000000000537000-memory.dmp	buer
behavioral2/memory/3372-133-0x0000000040000000-0x00000000400CF000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\45f5381bfc1fd61e27eb887ed32bb79ecd9c5b38053a6332a32e1aa4b69ced28.exe
"C:\Users\Admin\AppData\Local\Temp\45f5381bfc1fd61e27eb887ed32bb79ecd9c5b38053a6332a32e1aa4b69ced28.exe"
1⤵
PID:3372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3372-130-0x00000000007B9000-0x00000000007BF000-memory.dmp

Filesize
24KB

Download
memory/3372-131-0x00000000007B9000-0x00000000007BF000-memory.dmp

Filesize
24KB

Download
memory/3372-132-0x0000000000530000-0x0000000000537000-memory.dmp

Filesize
28KB

Download
memory/3372-133-0x0000000040000000-0x00000000400CF000-memory.dmp

Filesize
828KB

Download