Extracted

• • Target

    1707ca614484545a2411aa38fd1205812a732aeac5378cb6af7c3bab9d91131f

  • Size

    228KB

  • MD5

    9bf08871d45df7b29733ec65f7c8251d

  • SHA1

    d98f3b80c92e46b138475404300f6cdaadb82d9a

  • SHA256

    1707ca614484545a2411aa38fd1205812a732aeac5378cb6af7c3bab9d91131f

  • SHA512

    678343eb9be3996921804826d857c257d59580d47c66c0e05c5a611505ceebe2733bcc82970eb0cea0babcf9e37f362a6fa314728b645dd074e419af1d834aee

  • SSDEEP

    3072:mc9uO6r/Nibu2Bm+AmBQuJ+bTlPY0zJ8V/cSPwVp1g6FBa9Mj7V8AZ40Uda:mnioGVJ+bTlPYwJ8fPO3g6F0o73Z40

  Score

  10^/10

  buerstealcdefault11discoveryloaderspywarestealer

  • Buer

    Buer is a new modular loader first seen in August 2019.

    loaderbuer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2