buer | b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e | Triage

Submit
Reports

Overview

overview

Static

static

b73e527680...2e.exe

windows7_x64

b73e527680...2e.exe

windows10-2004_x64

Sharing

General

Target

b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e
Size

31KB
Sample

220625-dcdl9sbcel
MD5

d91559ae45b8f9bc903d27703211b119
SHA1

f1b02bf6d06cfba37bfea3a5fdc0664cd7b8b91a
SHA256

b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e
SHA512

3b048d58c7024a7d0ca78b0ffc2ec066bb4712082f8f33fd1aa853fc0ba37d207825be8517e57f548852c6bc2681a16196f7ddfd0dd792d2cb69a21afaa564af

Score

10^/10

buer loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e.exe

Resource

win7-20220414-en

buer loader persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e.exe

Resource

win10v2004-20220414-en

buer loader persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

frrnq8--h_t_+qr_r,amk-

frrnq8--glqr_jjcpp,nu-

https://java-stat.com/

https://installerr.pw/

eqqmp7,,g^s^*pq^q+`lj,

eqqmp7,,fkpq^iiboo+mt,

Targets

- Target
  
  b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e
- Size
  
  31KB
- MD5
  
  d91559ae45b8f9bc903d27703211b119
- SHA1
  
  f1b02bf6d06cfba37bfea3a5fdc0664cd7b8b91a
- SHA256
  
  b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e
- SHA512
  
  3b048d58c7024a7d0ca78b0ffc2ec066bb4712082f8f33fd1aa853fc0ba37d207825be8517e57f548852c6bc2681a16196f7ddfd0dd792d2cb69a21afaa564af
Score

10^/10

buer loader persistence
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
  loader
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistence

behavioral2

buerloaderpersistence

© 2018-2024

Terms | Privacy