buer | 47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7 | Triage

Submit
Reports

Overview

overview

Static

static

47f6ca6bad...a7.exe

windows7_x64

47f6ca6bad...a7.exe

windows10-2004_x64

Sharing

General

Target

47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7
Size

160KB
Sample

220714-fdwkkshbb8
MD5

d8e4d911bd32bc0cec654270a195a86c
SHA1

9f262bd7f6ca033eb3f03c6ce1e82d98005f28ad
SHA256

47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7
SHA512

f61bb004ac75ad3727822782547b0d183c9dc2b68215da867d9ce96257e29beadabc621a3c51f8be7e9538a3347b2723dcfcf9163826d18122525c098be3e61b

Score

10^/10

buer loader persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7.exe

Resource

win7-20220414-en

buer loader persistence suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7.exe

Resource

win10v2004-20220414-en

buer loader persistence suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

buer

C2

frrn8--ddjm_b./,rmn-

frrn8--ddjm_b.0,rmn-

Targets

- Target
  
  47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7
- Size
  
  160KB
- MD5
  
  d8e4d911bd32bc0cec654270a195a86c
- SHA1
  
  9f262bd7f6ca033eb3f03c6ce1e82d98005f28ad
- SHA256
  
  47f6ca6bad3812abde610a5d9ee7d830a20cff27d16198626027446eaee513a7
- SHA512
  
  f61bb004ac75ad3727822782547b0d183c9dc2b68215da867d9ce96257e29beadabc621a3c51f8be7e9538a3347b2723dcfcf9163826d18122525c098be3e61b
Score

10^/10

buer loader persistence suricata
- Buer
  Buer is a new modular loader first seen in August 2019.
  loader buer
- suricata: ET MALWARE Buer Loader Update Request
  suricata: ET MALWARE Buer Loader Update Request
  suricata
- Buer Loader
  Detects Buer loader in memory or disk.
  loader
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

buerloaderpersistencesuricata

behavioral2

buerloaderpersistencesuricata

© 2018-2024

Terms | Privacy