xjEvr.exe.bin

General
Target

xjEvr.exe.bin

Size

6MB

Sample

220128-d5gjmaffa6

Score
10 /10
MD5

6d35df76deb4a90f3753cc5f08874594

SHA1

871eb58b0fe5e4bbabae265d144c2243bd01d706

SHA256

a5b3049a22d59c619f4b48926e347f475aa2568ccf169d01ca2aa613a631928c

SHA512

97a65b2babda90904bdbfbb0283b4b8d8556a4ebda3bf54c84478a62ea519495fd1a3df045c537c08913cd710056f60feb932a06df5cec0afb7a0c7d04a0edfd

Malware Config
Targets
Target

xjEvr.exe.bin

MD5

6d35df76deb4a90f3753cc5f08874594

Filesize

6MB

Score
10/10
SHA1

871eb58b0fe5e4bbabae265d144c2243bd01d706

SHA256

a5b3049a22d59c619f4b48926e347f475aa2568ccf169d01ca2aa613a631928c

SHA512

97a65b2babda90904bdbfbb0283b4b8d8556a4ebda3bf54c84478a62ea519495fd1a3df045c537c08913cd710056f60feb932a06df5cec0afb7a0c7d04a0edfd

Tags

Signatures

  • Beapy

    Description

    Beapy is a python worm with crypto mining capabilities.

    Tags

  • Grants admin privileges

    Description

    Uses net.exe to modify the user's privileges.

    TTPs

    Account Manipulation
  • Modifies Windows Firewall

    Tags

    TTPs

    Modify Existing Service
  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    3/10

                    behavioral1

                    10/10

                    behavioral2

                    9/10