Buer Loader, new Russian loader on the market with interesting persistence – KrabsOnSecurity
Tags
country: Russia
attack-pattern: Malware - T1587.001 Malware - T1588.001 Process Hollowing - T1055.012 Process Hollowing - T1093
Show in Graph
Common Information
Type Value
UUID 95387e70-4762-4320-928a-9c7683f6ce3b
Fingerprint 964a49b93cff56f2
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 5, 2019, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline Buer Loader, new Russian loader on the market with interesting persistence
Title Buer Loader, new Russian loader on the market with interesting persistence – KrabsOnSecurity
Detected Hints/Tags/Attributes 29/2/6
Source URLs
Redirection Url
Details Source https://krabsonsecurity.com/2019/12/05/buer-loader-new-russian-loader-on-the-market-with-interesting-persistence/
URL Provider
Details Provider Source level domain
Details krabsonsecurity.com krabsonsecurity.com
Attributes
Details Type #Events CTI Value
Details File 1260 
explorer.exe
Details sha256 1 
ddc4d9fa604cce434ba131b197f20e5a25deb4952e6365a33ac8d380ab543089
Details sha256 1 
fcdf29266f3508bd91d2446f20a73a811f53e27ad1f3e9c1f822458f1f30b5c9
Details sha256 1 
1db9d9d597636fb6e579a91b9206ac25e93e912c9fbfc91f604b7b1f0e18cc0a
Details sha256 1 
0dd7e132fb5e9dd241ae103110d085bc4d1ef7396ca6c84a3b91dc44f3aff50f
Details sha256 1 
6c694df8bde06ffebb8a259bebbae8d123effd58c9dd86564f7f70307443ccd0