beapy

General

Target

2025-03-22_946008f79eff66df98f8ea4929ea82c2_luca-stealer
Size

6.6MB
Sample

250322-hw5bjszvhz
MD5

946008f79eff66df98f8ea4929ea82c2
SHA1

338d103bb121e6f9f1ffbe3dbcc44a22c69e05f4
SHA256

70f96d1f5a321ada396268682f3127b8f7bdfb97759130fe72bfa930e178525f
SHA512

901e923fc30ec9a0150bc3f15b2c0d1dc0a3b15b3edcbfad07688b22caea4a22b3afb1b1519946aff06e2cb41cb0c2cf4814720c48983367be61f7ac1c0ac47c
SSDEEP

196608:eAqjTpnhXlmyWCZNulPKQ8hY/Bkr/fOIT/+VdlBFKaz+:kfauN/HYOSIT/EVF9K

Score

10^/10

Malware Config

Targets

- Target
  
  2025-03-22_946008f79eff66df98f8ea4929ea82c2_luca-stealer
- Size
  
  6.6MB
- MD5
  
  946008f79eff66df98f8ea4929ea82c2
- SHA1
  
  338d103bb121e6f9f1ffbe3dbcc44a22c69e05f4
- SHA256
  
  70f96d1f5a321ada396268682f3127b8f7bdfb97759130fe72bfa930e178525f
- SHA512
  
  901e923fc30ec9a0150bc3f15b2c0d1dc0a3b15b3edcbfad07688b22caea4a22b3afb1b1519946aff06e2cb41cb0c2cf4814720c48983367be61f7ac1c0ac47c
- SSDEEP
  
  196608:eAqjTpnhXlmyWCZNulPKQ8hY/Bkr/fOIT/+VdlBFKaz+:kfauN/HYOSIT/EVF9K
Score

10^/10

beapy mimikatz defense_evasion discovery miner persistence privilege_escalation pyinstaller worm
- Beapy
  Beapy is a python worm with crypto mining capabilities.
  miner worm beapy
- Beapy family
  beapy
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- Mimikatz family
  mimikatz
- Contacts a large (9399) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
- mimikatz is an open source tool to dump credentials on Windows
- Modifies Windows Firewall
  defense_evasion
- Loads dropped DLL
- Indicator Removal: Clear Persistence
  Clear artifacts associated with previously established persistence like scheduletasks on a host.
  defense_evasion
behavioral1 behavioral2