beapy | 811535042bd66043b6b4e8415fa76ab92672cefc5851f80b0a323f6d80f730bb | Triage

Submit
Reports

Overview

overview

Static

static

3

2025-04-17...er.exe

windows10-2004-x64

2025-04-17...er.exe

windows11-21h2-x64

Sharing

General

Target

2025-04-17_2e8571aae5640f51a867b966b58c8b96_black-basta_elex_luca-stealer
Size

6.6MB
Sample

250417-hxnp7aztbt
MD5

2e8571aae5640f51a867b966b58c8b96
SHA1

bef2cbc67800c2ac5d31853d9145638a09c8d9c5
SHA256

811535042bd66043b6b4e8415fa76ab92672cefc5851f80b0a323f6d80f730bb
SHA512

3973a51702c8db2edb0de880d5c86a3a447235237ddcffd761188c311d58c6cb2819966a146236e79c20b4bbb870fa3d72387294f6d4512c01bf02b752e1345a
SSDEEP

196608:qbuCCCZNulPKQ8hY/Bkr/fOIT/+VdlBFKazl:huN/HYOSIT/EVF95

Score

10^/10

beapy discovery miner pyinstaller worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-04-17_2e8571aae5640f51a867b966b58c8b96_black-basta_elex_luca-stealer.exe

Resource

win10v2004-20250410-en

beapy discovery miner worm

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-04-17_2e8571aae5640f51a867b966b58c8b96_black-basta_elex_luca-stealer.exe

Resource

win11-20250410-en

beapy discovery miner worm

windows11-21h2-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-04-17_2e8571aae5640f51a867b966b58c8b96_black-basta_elex_luca-stealer
- Size
  
  6.6MB
- MD5
  
  2e8571aae5640f51a867b966b58c8b96
- SHA1
  
  bef2cbc67800c2ac5d31853d9145638a09c8d9c5
- SHA256
  
  811535042bd66043b6b4e8415fa76ab92672cefc5851f80b0a323f6d80f730bb
- SHA512
  
  3973a51702c8db2edb0de880d5c86a3a447235237ddcffd761188c311d58c6cb2819966a146236e79c20b4bbb870fa3d72387294f6d4512c01bf02b752e1345a
- SSDEEP
  
  196608:qbuCCCZNulPKQ8hY/Bkr/fOIT/+VdlBFKazl:huN/HYOSIT/EVF95
Score

10^/10

beapy discovery miner worm
- Beapy
  Beapy is a python worm with crypto mining capabilities.
  miner worm beapy
- Beapy family
  beapy
- Contacts a large (8421) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Account Manipulation

Privilege Escalation

Account Manipulation

Defense Evasion

Credential Access

Discovery

Domain Trust Discovery

Network Service Discovery

Permission Groups Discovery

Domain Groups

Local Groups

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

beapydiscoveryminerworm

behavioral2

beapydiscoveryminerworm

© 2018-2025

Terms | Privacy