- THREAT IDENTIFICATION: BUERLOADER
- SUBJECTS OBSERVED
- SENDERS OBSERVED
- BUERLOADER MALDOC FILE HASHES
  - invoice.jnlp
    - 67e9e29dde633fc31d03a9075c53788d
  - 2021invoice.jnlp
    - e38e0a050e1d1e47b5b9e30c65c6593e
  - invoice.jar
    - cee1f62d1cf8c508faf263d61e6cf27f
- BUERLOADER PAYLOAD DOWNLOAD
  - http://invoicesecure.net/documents/invoice.jar
  - http://pdfsecure.net/docs/2021invoice.jar
  - http://invoicesecure.net/img/footer.jpg
- BUERLOADER PAYLOAD FILE HASHES
  - footer.jpg
    - 19ca9bf5eebc9e2f0bd3230f262348fd
  - drvr32.exe
    - 19ca9bf5eebc9e2f0bd3230f262348fd
- BUERLOADER C2
  - http://verstudiosan.com/
- SUPPORTING EVIDENCE
  - https://app.any.run/tasks/1e73e6b5-1f70-4a00-a131-a5d34561c4df/