Buer is malware-as-a-service product that provide initial foothold in the victim's machine and deliver whatever payload it's owner what to deliver. It can be a RAT or Stealer. Recently it is know to be delivering ransomware like Ryuk
. Buer is in competition to Bazar loader
which is consider to linked with Emotet
Main source of its spread is via phishing emails. Emails with malicious Microsoft Office documents are sent to the victims. Once the documents are opened it downloads the Buer Loader which gain foothold in the systems and it then waits for a C&C server for payloads to execute.
BuerLoader Maldoc Signatures
BuerLoader Maldoc Download
BuerLoader Malware Signatures
BuerLoader Malware Download