buer | 5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3 | Triage

Submit
Reports

Overview

overview

Static

static

5c7f581314...f3.exe

windows7_x64

5c7f581314...f3.exe

windows10-2004_x64

Sharing

General

Target

5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3
Size

232KB
Sample

220624-2k1zjaace8
MD5

f267d07c82912e0222666aa2cdc4cbee
SHA1

630f7d9cbbb0af1a0d90502bc4be4dbc32b458de
SHA256

5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3
SHA512

1ccfb880532191238f8a1da2448b83ba7128868431b65909bbc7ebfc29a87ab6bc1060ac56b736d769edb8d703b655f9d5fb13fd18bbc1257dfaba0a8d8bdc42

Score

10^/10

buer loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3.exe

Resource

win7-20220414-en

buer loader persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3.exe

Resource

win10v2004-20220414-en

buer loader persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

http://45.12.32.252:8080/

Targets

- Target
  
  5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3
- Size
  
  232KB
- MD5
  
  f267d07c82912e0222666aa2cdc4cbee
- SHA1
  
  630f7d9cbbb0af1a0d90502bc4be4dbc32b458de
- SHA256
  
  5c7f5813142029aa1a1326ebef5b7664ab93e0c6bb40cbb40bf9146556a783f3
- SHA512
  
  1ccfb880532191238f8a1da2448b83ba7128868431b65909bbc7ebfc29a87ab6bc1060ac56b736d769edb8d703b655f9d5fb13fd18bbc1257dfaba0a8d8bdc42
Score

10^/10

buer loader persistence
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
  loader
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistence

behavioral2

buerloaderpersistence

© 2018-2024

Terms | Privacy