Extracted

• • Target

    4332bb07339c3096997fbb89b695afeb3b1e21632c8ecb4e144ec883d61ab066_JC.exe

  • Size

    330KB

  • MD5

    5be0349cfd478100b67fa4a867cfc516

  • SHA1

    ad95587989a7bdeb80380a9e8b179f7e11db53a8

  • SHA256

    4332bb07339c3096997fbb89b695afeb3b1e21632c8ecb4e144ec883d61ab066

  • SHA512

    4a942340eaa75f5a98caf8073c2acc1c8c9310113d4d9e5b76cd4d91d87baa913c250caab657bc374f20233fc79d75dc6e29c74b4e301634934593dc86eb8534

  • SSDEEP

    1536:OphmidUnwrFnOATLZ+ZlDD44444444444444444444444444444444444444444t:sJUGpU1T83KvqAwsiYQmwf

  Score

  10^/10

  buerloaderpersistence

  • Buer

    Buer is a new modular loader first seen in August 2019.

    loaderbuer

  • Modifies WinLogon for persistence

    persistence

  • Buer Loader

    Detects Buer loader in memory or disk.

    loader

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2