Extracted

• • Target

    b61b330f0ad589422d862cebf65e92c1_JaffaCakes118

  • Size

    693KB

  • MD5

    b61b330f0ad589422d862cebf65e92c1

  • SHA1

    54d7cb2745607e2ea52db8423cf9f210c7674ee6

  • SHA256

    4c51b8b7cd48ab404a9259da953f6222d73b80b9ce440dd2fe6632000090e73d

  • SHA512

    534bc27db1c8df0ff2c7e5aaf4dc6a4aaffde931e3dacb2490b219c3a0323362afdec5d65d18d6c1ba44cbd384a1020319ff3298ab1330cab459b8b198d46dc1

  • SSDEEP

    6144:/mLwKpYnJEmpdSiWRWUJsT9IFinLwObXRPSPh8Ad9hPp5GtSkAOCnEIqnO9ykYHz:/SOEoWRGxnDx89haYRTnCO9oaEJ

  Score

  10^/10

  buerexecutionloader

  • Buer

    Buer is a new modular loader first seen in August 2019.

    loaderbuer

  • Buer Loader

    Detects Buer loader in memory or disk.

    loader

  • Command and Scripting Interpreter: PowerShell

    Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    execution

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2