Extracted

• • Target

    4aba8ea34e057b8239ff29028fa3ab829f53b2861d84a44fa9857b7d96e3a403

  • Size

    182KB

  • MD5

    87ad62ff5669b41f8994695b3aa05cbf

  • SHA1

    c6eb9d9a0df8ca97784b57ebe719b227ebfaf262

  • SHA256

    4aba8ea34e057b8239ff29028fa3ab829f53b2861d84a44fa9857b7d96e3a403

  • SHA512

    2b728b84f8377f407e293e723c5bb7813320e371d4e604323ddb397f418a367df8d925ac7d69dd53137df67f8d5b460f730f19cb94949dd14ab37da170cc47fd

  Score

  10^/10

  buerloaderpersistence

  • Buer

    Buer is a new modular loader first seen in August 2019.

    loaderbuer

  • Modifies WinLogon for persistence

    persistence

  • Buer Loader

    Detects Buer loader in memory or disk.

    loader

  • Executes dropped EXE

  • Deletes itself

  • Loads dropped DLL

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2