Extracted

• • Target

    d91559ae45b8f9bc903d27703211b119_JaffaCakes118

  • Size

    31KB

  • MD5

    d91559ae45b8f9bc903d27703211b119

  • SHA1

    f1b02bf6d06cfba37bfea3a5fdc0664cd7b8b91a

  • SHA256

    b73e52768067d97464a6991027693246fad1afb144cbf9c9e66ffc840cc8542e

  • SHA512

    3b048d58c7024a7d0ca78b0ffc2ec066bb4712082f8f33fd1aa853fc0ba37d207825be8517e57f548852c6bc2681a16196f7ddfd0dd792d2cb69a21afaa564af

  • SSDEEP

    768:4R+ulCa/bIJlC2tsR/xRYDV31iVYiuyfF8s:4RtF/ohsR5ahT

  Score

  10^/10

  buerdiscoveryloaderpersistence

  • Buer

    Buer is a new modular loader first seen in August 2019.

    loaderbuer

  • Buer Loader

    Detects Buer loader in memory or disk.

    loader

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2