buer | 053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297 | Triage

Analysis

max time kernel
42s
max time network
46s
platform
windows7_x64
resource
win7-20220414-en
submitted
18-04-2022 05:10

Sharing

Report Analysis Logs

General

Target

053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297.exe
Size

551KB
MD5

93f6bd74cfb0c98231c1219749e653aa
SHA1

8ea7d9ff209f6d446441840a3bf014aa31134051
SHA256

053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297
SHA512

bfff8a0b1ed5d4f0ca62435faccda3cfdbdda3e124e85fadb145de009aaac7f210bf2801ebd00eb948cfe288e2193a60466ddbd5e763cf519ecdfa5704fb8d7b

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

restwosternetbank.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 3 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral1/memory/1952-54-0x0000000001BF0000-0x0000000001C2E000-memory.dmp	buer
behavioral1/memory/1952-58-0x0000000040000000-0x000000004003C000-memory.dmp	buer
behavioral1/memory/1952-62-0x0000000001BB0000-0x0000000001BEB000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297.exe
"C:\Users\Admin\AppData\Local\Temp\053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297.exe"
1⤵
PID:1952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1952-54-0x0000000001BF0000-0x0000000001C2E000-memory.dmp

Filesize
248KB

Download
memory/1952-58-0x0000000040000000-0x000000004003C000-memory.dmp

Filesize
240KB

Download
memory/1952-62-0x0000000001BB0000-0x0000000001BEB000-memory.dmp

Filesize
236KB

Download