Overview

overview

10

Static

static

10

1324-4-0x0...ry.exe

windows7-x64

1324-4-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1324-4-0x0000000040000000-0x000000004000C000-memory.dmp

  • Size

    48KB

  • MD5

    882ae957e4c42a2d276a8dd6c93af86a

  • SHA1

    a29c7d499d0d64d939767ba7390b9fbade1449aa

  • SHA256

    6444a202bad795368728568f29877d4ce581ec700f259241c21946b0784dc9f4

  • SHA512

    e28f29dc7128b998e4aff4585b7a71e836ff22e88e54d3e32ce51d88133f5b94c759a59d3c073b8f774a053377077063d3b22cdc8663b27980d6c37d91b29679

  • SSDEEP

    768:8Ohgqs2XraqJ0O95ZFpB5w8TNZeDd/EeVoqYg06if15:8RWT0O95BB5w8BQE1DXj1

Score
10/10
loaderbuer

Malware Config

Extracted

Family

buer

C2

https://165.232.118.210/

Signatures

  • Buer Loader 1 IoCs

    Detects Buer loader in memory or disk.

    loader
  • Buer family
    buer
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1324-4-0x0000000040000000-0x000000004000C000-memory.dmp
    .exe windows x86


    Headers

    Sections