Overview

overview

10

Static

static

3

2ad506baf0...36.exe

windows7_x64

10

2ad506baf0...36.exe

windows10_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ad506baf005089e45769c6a7f6a37319d47834bad6375e3e3107cd263142436

  • Size

    7.8MB

  • Sample

    210405-dbnl6cq8b6

  • MD5

    21ff567a59d78b24c3fcaaba01b6a157

  • SHA1

    8dd675c4a6970d227579b5c1ccc748fd1b03de4c

  • SHA256

    2ad506baf005089e45769c6a7f6a37319d47834bad6375e3e3107cd263142436

  • SHA512

    bf8e7efa3b048352f2b9c1551e5a7875735af8f5596322d93b886bd359ae8b40f38844095ea58b9b0afd086e0f47f111c928f738309eea9d15e8f1ae58333ca4

Score
10/10
beapyevasionminerpyinstallerworm

Malware Config

Targets

    • Target

      2ad506baf005089e45769c6a7f6a37319d47834bad6375e3e3107cd263142436

    • Size

      7.8MB

    • MD5

      21ff567a59d78b24c3fcaaba01b6a157

    • SHA1

      8dd675c4a6970d227579b5c1ccc748fd1b03de4c

    • SHA256

      2ad506baf005089e45769c6a7f6a37319d47834bad6375e3e3107cd263142436

    • SHA512

      bf8e7efa3b048352f2b9c1551e5a7875735af8f5596322d93b886bd359ae8b40f38844095ea58b9b0afd086e0f47f111c928f738309eea9d15e8f1ae58333ca4

    Score
    10/10
    beapyevasionminerpyinstallerworm

    • Beapy

      Beapy is a python worm with crypto mining capabilities.

      minerwormbeapy

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Command-Line Interface

1
T1059

Persistence

Account Manipulation

1
T1098

Modify Existing Service

1
T1031

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks