buer | 8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22 | Triage

Submit
Reports

Overview

overview

Static

static

8026e96ade...22.exe

windows7_x64

8026e96ade...22.exe

windows10-2004_x64

Resubmissions

14-07-2022 15:34

220714-sz6nwshceq 10

01-07-2022 05:30

220701-f7cdssfgc6 10

Sharing

General

Target

8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22
Size

31KB
Sample

220701-f7cdssfgc6
MD5

b7eabb9d09f243bcb2c47d411028b07b
SHA1

b65366292b2d5d917f6aaee8634e635f4b5308ef
SHA256

8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22
SHA512

5285067287e4cdb4f0ee121eaf2fce2ae91d1bec0f7ebfff657dc452493db3c637b54d0cb495590bf92253ffcd4aa9681b015c258717966ef89a9b83859c300f

Score

10^/10

buer loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22.exe

Resource

win7-20220414-en

buer loader persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22.exe

Resource

win10v2004-20220414-en

buer loader persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

frrn8--jmm_b,rmn-

frrn8--jmm_b.0,rmn-

http://looad.top/

http://looad02.top/

eqqm7,,ill^a+qlm,

eqqm7,,ill^a-/+qlm,

Targets

- Target
  
  8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22
- Size
  
  31KB
- MD5
  
  b7eabb9d09f243bcb2c47d411028b07b
- SHA1
  
  b65366292b2d5d917f6aaee8634e635f4b5308ef
- SHA256
  
  8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22
- SHA512
  
  5285067287e4cdb4f0ee121eaf2fce2ae91d1bec0f7ebfff657dc452493db3c637b54d0cb495590bf92253ffcd4aa9681b015c258717966ef89a9b83859c300f
Score

10^/10

buer loader persistence
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
  loader
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistence

behavioral2

buerloaderpersistence

© 2018-2024

Terms | Privacy