# Copyright (c) 2014-2024 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Aliases: beahny, beapy # Reference: https://otx.alienvault.com/pulse/5cb0a4fbbaa1032a0d2305a8 # Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/miner-malware-spreads-beyond-china-uses-multiple-propagation-methods-including-eternalblue-powershell-abuse/ # Reference: https://blog.checkpoint.com/2019/03/19/check-point-forensic-files-monero-cryptominer-campaign-cryptojacking-crypto-apt-hacking/ # Reference: https://otx.alienvault.com/pulse/5c9121ab482d361391fd3771 # Reference: https://www.symantec.com/blogs/threat-intelligence/beapy-cryptojacking-worm-china # Reference: https://content.connect.symantec.com/sites/default/files/2019-04/Beapy_IOCs.txt # Reference: https://otx.alienvault.com/pulse/5cc2d15452ba66e4106497a0 info.abbny.com lplp1.abbny.com ii.ackng.com info.ackng.com d.beahh.com down.beahh.com info.beahh.com log.beahh.com lp.beahh.com lplp1.beahh.com oom.beahh.com mm.beahh.com new.beahh.com p.beahh.com v.beahh.com w.beahh.com dl.haqo.net i.haqo.net v.y6h.net