buer | aba5b6b055b434d841ab3ecabeef55e7790f60036d7e20fe07b9977048c2d40b | Triage

Analysis

max time kernel
134s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
29-03-2022 00:15

Sharing

Report Analysis Logs

General

Target

aba5b6b055b434d841ab3ecabeef55e7790f60036d7e20fe07b9977048c2d40b.exe
Size

232KB
MD5

7a1031eaa999d6b58e93b882686365ab
SHA1

66cdbc32fd50b159dd9633141dd36aa4ff8db7b5
SHA256

aba5b6b055b434d841ab3ecabeef55e7790f60036d7e20fe07b9977048c2d40b
SHA512

8b046cb21b607765d9b3960d9eadceead7c3eff431bfc78ec44a352d04f0cc4a89fd64032578a6c65f59a14ae443253c52adacd5c94bcf2e2cdab40d5dc4cada

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

officewestunionbank.com

bankcreditsign.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 2 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral2/memory/1956-131-0x0000000000590000-0x0000000000597000-memory.dmp	buer
behavioral2/memory/1956-132-0x0000000040000000-0x00000000443B4000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\aba5b6b055b434d841ab3ecabeef55e7790f60036d7e20fe07b9977048c2d40b.exe
"C:\Users\Admin\AppData\Local\Temp\aba5b6b055b434d841ab3ecabeef55e7790f60036d7e20fe07b9977048c2d40b.exe"
1⤵
PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1956-130-0x0000000000580000-0x0000000000585000-memory.dmp

Filesize
20KB

Download
memory/1956-131-0x0000000000590000-0x0000000000597000-memory.dmp

Filesize
28KB

Download
memory/1956-132-0x0000000040000000-0x00000000443B4000-memory.dmp

Filesize
67.7MB

Download