Overview

overview

10

Static

static

3

fa0978b3d1...30.exe

windows7-x64

10

fa0978b3d1...30.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa0978b3d14458524bb235d6095358a27af9f2e9281be7cd0eb1a4d2123a8330

  • Size

    6.6MB

  • Sample

    221130-w952wseb95

  • MD5

    470b4f5bc84db74ab1935186a3b5219f

  • SHA1

    522da30dadf030861e51da3efaf25ea0e0619206

  • SHA256

    fa0978b3d14458524bb235d6095358a27af9f2e9281be7cd0eb1a4d2123a8330

  • SHA512

    09ec3a279665fd9f38a488a39891085c52580d3eb63cb30c648236fe9cbb332a03a0d087f70fa34e633baba774080c73784ffeabf396081fe85152bd06b900fe

  • SSDEEP

    196608:eAqjTpnhXlmyWCZNulPKQ8hY/Bkr/fOIT/+VdlBFKaz:kfauN/HYOSIT/EVF9

Score
10/10
beapydiscoveryminerpyinstallerworm

Malware Config

Targets

    • Target

      fa0978b3d14458524bb235d6095358a27af9f2e9281be7cd0eb1a4d2123a8330

    • Size

      6.6MB

    • MD5

      470b4f5bc84db74ab1935186a3b5219f

    • SHA1

      522da30dadf030861e51da3efaf25ea0e0619206

    • SHA256

      fa0978b3d14458524bb235d6095358a27af9f2e9281be7cd0eb1a4d2123a8330

    • SHA512

      09ec3a279665fd9f38a488a39891085c52580d3eb63cb30c648236fe9cbb332a03a0d087f70fa34e633baba774080c73784ffeabf396081fe85152bd06b900fe

    • SSDEEP

      196608:eAqjTpnhXlmyWCZNulPKQ8hY/Bkr/fOIT/+VdlBFKaz:kfauN/HYOSIT/EVF9

    Score
    10/10
    beapydiscoveryminerworm

    • Beapy

      Beapy is a python worm with crypto mining capabilities.

      minerwormbeapy

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks