buer | 053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297 | Triage

Analysis

max time kernel
125s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
18-04-2022 05:10

Sharing

Report Analysis Logs

General

Target

053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297.exe
Size

551KB
MD5

93f6bd74cfb0c98231c1219749e653aa
SHA1

8ea7d9ff209f6d446441840a3bf014aa31134051
SHA256

053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297
SHA512

bfff8a0b1ed5d4f0ca62435faccda3cfdbdda3e124e85fadb145de009aaac7f210bf2801ebd00eb948cfe288e2193a60466ddbd5e763cf519ecdfa5704fb8d7b

Score

10^/10

buer loader

Malware Config

Extracted

Family

buer

C2

restwosternetbank.com

Signatures

Buer
Buer is a new modular loader first seen in August 2019.
loader buer

Buer Loader 3 IoCs

Detects Buer loader in memory or disk.

resource	yara_rule
behavioral2/memory/1556-130-0x0000000002270000-0x00000000022AE000-memory.dmp	buer
behavioral2/memory/1556-134-0x0000000040000000-0x000000004003C000-memory.dmp	buer
behavioral2/memory/1556-138-0x0000000000770000-0x00000000007AB000-memory.dmp	buer

C:\Users\Admin\AppData\Local\Temp\053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297.exe
"C:\Users\Admin\AppData\Local\Temp\053e8f6aa90a889af6ae0366f3a9b306fc162174511642a5969d64b30d26f297.exe"
1⤵
PID:1556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1556-130-0x0000000002270000-0x00000000022AE000-memory.dmp

Filesize
248KB

Download
memory/1556-134-0x0000000040000000-0x000000004003C000-memory.dmp

Filesize
240KB

Download
memory/1556-138-0x0000000000770000-0x00000000007AB000-memory.dmp

Filesize
236KB

Download