General

  • Target

    e3a3ce745bced26cd26d5d219e75dfb281738e2545ffc45cc91d19da9d21c73d

  • Size

    6MB

  • Sample

    210405-ddevpvhsqn

  • MD5

    5a59ce4c687a7f855f1079dc98f71170

  • SHA1

    3198daca631983b3301c3ce88961ee7bbcafc222

  • SHA256

    e3a3ce745bced26cd26d5d219e75dfb281738e2545ffc45cc91d19da9d21c73d

  • SHA512

    bddc8f9143a060be9517dfe8cf863c37f0ad05900a1a4daef5ee86473701f56997f34949aeb003533ad823f892afd4f0cfeef4f8dfdc3de31a0d9d0ffab09e25

Malware Config

Targets

    • Target

      e3a3ce745bced26cd26d5d219e75dfb281738e2545ffc45cc91d19da9d21c73d

    • Size

      6MB

    • MD5

      5a59ce4c687a7f855f1079dc98f71170

    • SHA1

      3198daca631983b3301c3ce88961ee7bbcafc222

    • SHA256

      e3a3ce745bced26cd26d5d219e75dfb281738e2545ffc45cc91d19da9d21c73d

    • SHA512

      bddc8f9143a060be9517dfe8cf863c37f0ad05900a1a4daef5ee86473701f56997f34949aeb003533ad823f892afd4f0cfeef4f8dfdc3de31a0d9d0ffab09e25

    Score
    10/10
    • Beapy

      Beapy is a python worm with crypto mining capabilities.

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Modifies Windows Firewall

    • Loads dropped DLL

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Privilege Escalation