buer | 293b5d974af75fa2c7dc5f14ddc4d959a278d3d00d00a03239688c69804fea71 | Triage

Analysis

max time kernel
43s
max time network
46s
platform
windows7_x64
resource
win7-20220414-en
submitted
18-04-2022 05:10

Sharing

Report Analysis Logs

General

Target

293b5d974af75fa2c7dc5f14ddc4d959a278d3d00d00a03239688c69804fea71.exe
Size

555KB
MD5

bd1539c8272467cadc312936ec53498a
SHA1

b6376ae25abd5d4b917b3be7397722779ff91767
SHA256

293b5d974af75fa2c7dc5f14ddc4d959a278d3d00d00a03239688c69804fea71
SHA512

70927680007e259494dddb1f3952f7487d0f76bab9fff481d5b7fc289b59fc4d4b0311b8ab0cfac657431d53768dd2c78fb361f3086a4600fe15c8ec6405b0e7

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

restwosternetbank.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 3 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral1/memory/1996-54-0x00000000002D0000-0x000000000030E000-memory.dmp	buer
behavioral1/memory/1996-58-0x0000000040000000-0x000000004003C000-memory.dmp	buer
behavioral1/memory/1996-62-0x0000000000290000-0x00000000002CB000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\293b5d974af75fa2c7dc5f14ddc4d959a278d3d00d00a03239688c69804fea71.exe
"C:\Users\Admin\AppData\Local\Temp\293b5d974af75fa2c7dc5f14ddc4d959a278d3d00d00a03239688c69804fea71.exe"
1⤵
PID:1996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1996-54-0x00000000002D0000-0x000000000030E000-memory.dmp

Filesize
248KB

Download
memory/1996-58-0x0000000040000000-0x000000004003C000-memory.dmp

Filesize
240KB

Download
memory/1996-62-0x0000000000290000-0x00000000002CB000-memory.dmp

Filesize
236KB

Download