buer | 4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e | Triage

Submit
Reports

Overview

overview

Static

static

4bc5903e3f...0e.exe

windows7_x64

4bc5903e3f...0e.exe

windows10-2004_x64

Sharing

General

Target

4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e
Size

165KB
Sample

220712-krjv6adee3
MD5

567cb2370a3c5521b1c343cce23126ac
SHA1

8fff0c1f83a78165d15711dc9dc6746c10299edf
SHA256

4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e
SHA512

fed721ecf3d5f68e5cfe79466bf02ed8d0e4830cac60efee1af0ba8eba84f25651f041391aec37dfc6e84e454b56f4167d84c3df425e9441433be7d3b3a0c94b

Score

10^/10

buer loader persistence

Static task

static1

Behavioral task

behavioral1

Sample

4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e.exe

Resource

win7-20220414-en

buer loader persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e.exe

Resource

win10v2004-20220414-en

buer loader persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

frrn8--_tgp_qsnnmpr,gldm86.6.-

cook5**\qdm\npkkjmo)diaj53+3+*

Targets

- Target
  
  4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e
- Size
  
  165KB
- MD5
  
  567cb2370a3c5521b1c343cce23126ac
- SHA1
  
  8fff0c1f83a78165d15711dc9dc6746c10299edf
- SHA256
  
  4bc5903e3f847e2c0944215a52168fb4e7db034eb5724e2840b3396029cdfb0e
- SHA512
  
  fed721ecf3d5f68e5cfe79466bf02ed8d0e4830cac60efee1af0ba8eba84f25651f041391aec37dfc6e84e454b56f4167d84c3df425e9441433be7d3b3a0c94b
Score

10^/10

buer loader persistence
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- Buer Loader
  Detects Buer loader in memory or disk.
  loader
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistence

behavioral2

buerloaderpersistence

© 2018-2025

Terms | Privacy