buer | 2e8cb7c47ae59ef491ac528bd97ccb7cc991e9aa6123060979ac0843249c5190 | Triage

Analysis

max time kernel
178s
max time network
200s
platform
windows10-2004_x64
resource
win10v2004-20220310-en
submitted
11-03-2022 04:01

Sharing

Report Analysis Logs

General

Target

2e8cb7c47ae59ef491ac528bd97ccb7cc991e9aa6123060979ac0843249c5190.exe
Size

151KB
MD5

110e67f5252a078208c9111b142e5783
SHA1

c978a048bcbfceeb25e014d7fa9a9062e625c98e
SHA256

2e8cb7c47ae59ef491ac528bd97ccb7cc991e9aa6123060979ac0843249c5190
SHA512

3befe754e6ae330dcc98afc0181227237874287dfc14cf8f424d055ea7ea4abe016f2c5843ca2bebb17fcf9773b676a1bc5646dae8b69d3f0f5b470b70453528

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

officewestunionbank.com

bankcreditsign.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral2/memory/3972-136-0x0000000000640000-0x0000000000647000-memory.dmp	buer
behavioral2/memory/3972-137-0x0000000040000000-0x00000000400CF000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\2e8cb7c47ae59ef491ac528bd97ccb7cc991e9aa6123060979ac0843249c5190.exe
"C:\Users\Admin\AppData\Local\Temp\2e8cb7c47ae59ef491ac528bd97ccb7cc991e9aa6123060979ac0843249c5190.exe"
1⤵
PID:3972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3972-134-0x0000000000749000-0x000000000074F000-memory.dmp

Filesize
24KB

Download
memory/3972-135-0x0000000000749000-0x000000000074F000-memory.dmp

Filesize
24KB

Download
memory/3972-136-0x0000000000640000-0x0000000000647000-memory.dmp

Filesize
28KB

Download
memory/3972-137-0x0000000040000000-0x00000000400CF000-memory.dmp

Filesize
828KB

Download