Overview

overview

10

Static

static

3

asdfa.exe

windows7_x64

10

asdfa.exe

windows10_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    asdfa.exe

  • Size

    6.6MB

  • Sample

    210629-3s2me642ps

  • MD5

    84ff84125412cc31a157f9bde26ece4f

  • SHA1

    3696f153950863249b13ebf02c7059c3c3304530

  • SHA256

    d278c3aa58ec53e40450b6316a414cf4440c4de8000e810b1d5a96c1e332b1c6

  • SHA512

    d0dfcfa397f13e77e276e0d82f64513c9489a1fa776bcfd61f927b1433989832f03cb7597171a8c96f8d1fb4ebb564e3f773f75ec5a5b6f792e63bbaa5bc0072

Score
10/10
beapyevasionminerpyinstallerworm

Malware Config

Targets

    • Target

      asdfa.exe

    • Size

      6.6MB

    • MD5

      84ff84125412cc31a157f9bde26ece4f

    • SHA1

      3696f153950863249b13ebf02c7059c3c3304530

    • SHA256

      d278c3aa58ec53e40450b6316a414cf4440c4de8000e810b1d5a96c1e332b1c6

    • SHA512

      d0dfcfa397f13e77e276e0d82f64513c9489a1fa776bcfd61f927b1433989832f03cb7597171a8c96f8d1fb4ebb564e3f773f75ec5a5b6f792e63bbaa5bc0072

    Score
    10/10
    beapyevasionminerworm

    • Beapy

      Beapy is a python worm with crypto mining capabilities.

      minerwormbeapy

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Command-Line Interface

1
T1059

Persistence

Account Manipulation

1
T1098

Modify Existing Service

1
T1031

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks