Overview

overview

10

Static

static

3

xjEvr.exe

windows7_x64

10

xjEvr.exe

windows10_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    xjEvr.exe.bin

  • Size

    6.6MB

  • Sample

    220128-d5gjmaffa6

  • MD5

    6d35df76deb4a90f3753cc5f08874594

  • SHA1

    871eb58b0fe5e4bbabae265d144c2243bd01d706

  • SHA256

    a5b3049a22d59c619f4b48926e347f475aa2568ccf169d01ca2aa613a631928c

  • SHA512

    97a65b2babda90904bdbfbb0283b4b8d8556a4ebda3bf54c84478a62ea519495fd1a3df045c537c08913cd710056f60feb932a06df5cec0afb7a0c7d04a0edfd

Score
10/10
beapyevasionminerpyinstallerworm

Malware Config

Targets

    • Target

      xjEvr.exe.bin

    • Size

      6.6MB

    • MD5

      6d35df76deb4a90f3753cc5f08874594

    • SHA1

      871eb58b0fe5e4bbabae265d144c2243bd01d706

    • SHA256

      a5b3049a22d59c619f4b48926e347f475aa2568ccf169d01ca2aa613a631928c

    • SHA512

      97a65b2babda90904bdbfbb0283b4b8d8556a4ebda3bf54c84478a62ea519495fd1a3df045c537c08913cd710056f60feb932a06df5cec0afb7a0c7d04a0edfd

    Score
    10/10
    beapyevasionminerworm

    • Beapy

      Beapy is a python worm with crypto mining capabilities.

      minerwormbeapy

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks