BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • The new Beep malware is almost impossible to detect

    Minerva analysts have discovered a new hidden malware called "Beep", which has many features to avoid analysis and detection by security software.

    Although the Beep malware is still in development and lacks several key features, it currently allows hackers to download and execute additional payloads on compromised devices. Beep is used primarily to steal information. The program uses three separate components to run: the dropper, the injector, and the payload.

    The dropper ("big.dll") creates a new registry key with the value "AphroniaHaimavati" which contains a base64 encoded PowerShell script. This script runs every 13 minutes using a Windows Scheduled Task.

    When the script is executed, it downloads the data and saves it to an injector called AphroniaHaimavati.dll. An injector is a component that uses a number of anti-debugging and anti-VM methods to inject a payload into the legitimate system process "WWAHost.exe" using "Process Hollowing" to avoid being detected by anti-virus tools running on the host.

    Finally, the main payload attempts to collect data from the hacked computer, encrypt it, and send it to the C2 server. During analysis by Minerva, the hard-coded C2 server was disabled, but the malware tried to connect to it even after 120 failed attempts.

    What separates the Beep malware from others is the use of multiple techniques throughout the execution process to avoid detection and analysis by antivirus solutions and cybersecurity researchers. Minerva specialists discovered 8 different techniques that the malware uses in its work, and described them in detail in their report.

    Beep is an example of heavily evasive malware that implements several anti-analysis mechanisms at once before completing the process of stealing data and executing malicious commands. Although it is rare in real attacks, Beep can become a serious threat in the future, which should be paid attention to now.

    Author DeepWeb
    Botnet MyloBot is rapidly spreading around the world
    16 packages with cryptominers found in the NPM repository

    Comments 0

    Add comment