beapy | 25a36fa5801eff90b922a97f4ca659ce36776fa30fba6675c573b13e3cdd6b2f | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-04-17...er.exe

windows10-2004-x64

2025-04-17...er.exe

windows11-21h2-x64

Sharing

General

Target

2025-04-17_7cd8699061d0ec419c1307b9182ab5f1_black-basta_elex_luca-stealer
Size

6.6MB
Sample

250417-h51pqatpt5
MD5

7cd8699061d0ec419c1307b9182ab5f1
SHA1

1d060e4a150f04d881d3ba293a3afb40d53c722d
SHA256

25a36fa5801eff90b922a97f4ca659ce36776fa30fba6675c573b13e3cdd6b2f
SHA512

6484d5cd86ef5ab8291d3fc12675edb9f443ff1838489484281a467aeeb3d19500935c75d8d46a81c317164e93aa039e243740ea5c0fd11cf7503873fc2d1be5
SSDEEP

196608:eAqjTpnhXlmyWCZNulPKQ8hY/Bkr/fOIT/+VdlBFKazc:kfauN/HYOSIT/EVF9I

Score

10^/10

beapy discovery miner pyinstaller worm

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2025-04-17_7cd8699061d0ec419c1307b9182ab5f1_black-basta_elex_luca-stealer.exe

Resource

win10v2004-20250314-en

beapy discovery miner worm

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-04-17_7cd8699061d0ec419c1307b9182ab5f1_black-basta_elex_luca-stealer.exe

Resource

win11-20250410-en

beapy discovery miner worm

windows11-21h2-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-17_7cd8699061d0ec419c1307b9182ab5f1_black-basta_elex_luca-stealer
- Size
  
  6.6MB
- MD5
  
  7cd8699061d0ec419c1307b9182ab5f1
- SHA1
  
  1d060e4a150f04d881d3ba293a3afb40d53c722d
- SHA256
  
  25a36fa5801eff90b922a97f4ca659ce36776fa30fba6675c573b13e3cdd6b2f
- SHA512
  
  6484d5cd86ef5ab8291d3fc12675edb9f443ff1838489484281a467aeeb3d19500935c75d8d46a81c317164e93aa039e243740ea5c0fd11cf7503873fc2d1be5
- SSDEEP
  
  196608:eAqjTpnhXlmyWCZNulPKQ8hY/Bkr/fOIT/+VdlBFKazc:kfauN/HYOSIT/EVF9I
Score

10^/10

beapy discovery miner worm
- Beapy
  Beapy is a python worm with crypto mining capabilities.
  miner worm beapy
- Beapy family
  beapy
- Contacts a large (8134) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Account Manipulation

Privilege Escalation

Account Manipulation

Defense Evasion

Credential Access

Discovery

Domain Trust Discovery

Network Service Discovery

Permission Groups Discovery

Domain Groups

Local Groups

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

beapydiscoveryminerworm

behavioral2

beapydiscoveryminerworm

© 2018-2025

Terms | Privacy