Overview

overview

10

Static

static

10

Moon-Predi...in.zip

windows10-2004-x64

1

Moon-Predi....3.dll

windows10-2004-x64

1

Moon-Predi...I2.dll

windows10-2004-x64

1

Moon-Predi...1).exe

windows10-2004-x64

7

Moon-Predi...DME.md

windows10-2004-x64

3

Moon-Predi...ns.txt

windows10-2004-x64

1

Moon-Predi...DME.md

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Moon-Predictor-v2-main.zip

  • Size

    15.3MB

  • Sample

    240419-17tnashg9s

  • MD5

    37ff9f227cba62bc3c853d4b2a356ccf

  • SHA1

    d5cb38fcb55f1b24ad27bc8d72c990735c0909f2

  • SHA256

    7c466c3a0668cc8ac5a189a374d8e8544c05d53f12c7f84516a5fa5b0ded8244

  • SHA512

    f43c7dd84ab6d52a5e3a434d639ce2545a4e52c1aa262f51bb4725ca2ee24017c04b776d43f544fa10eb2474feba1f7a5d46c0224f358cd166a2183b6d77043a

  • SSDEEP

    393216:IvRsHxZ/P5383bl0qUrNoto4sdS2KyzjXbDxCRVHv+wR0:02RZn53iGqc6tondVKy3rlCRtv/0

Score
10/10
crealstealeragilenetpyinstallerspywarestealer

Malware Config

Targets

    • Target

      Moon-Predictor-v2-main.zip

    • Size

      15.3MB

    • MD5

      37ff9f227cba62bc3c853d4b2a356ccf

    • SHA1

      d5cb38fcb55f1b24ad27bc8d72c990735c0909f2

    • SHA256

      7c466c3a0668cc8ac5a189a374d8e8544c05d53f12c7f84516a5fa5b0ded8244

    • SHA512

      f43c7dd84ab6d52a5e3a434d639ce2545a4e52c1aa262f51bb4725ca2ee24017c04b776d43f544fa10eb2474feba1f7a5d46c0224f358cd166a2183b6d77043a

    • SSDEEP

      393216:IvRsHxZ/P5383bl0qUrNoto4sdS2KyzjXbDxCRVHv+wR0:02RZn53iGqc6tondVKy3rlCRtv/0

    Score
    1/10
    behavioral1

    • Target

      Moon-Predictor-v2-main/Moon-Predictor-v2/Bunifu_UI_v1.5.3.dll

    • Size

      516KB

    • MD5

      8cd9953ff0283305f3998f6893c7d244

    • SHA1

      db906639e1b164bb813e3e94e548a4c5549bd36e

    • SHA256

      0a3f02ad6a8f319b352f4ab3222bd57d9699882db065fb344b9828243b1d0015

    • SHA512

      3121712026e63ae2c9df423c24511249895e773a5e56f3fd19dff89eefe58042c990afcd7ffba21bf9f181045b9b4d9f439c7e69114f0f9282adbd707558e133

    • SSDEEP

      12288:MykYXttq4mBpDetgo3DcHGF2HcvHWUSA9uN:iYi4Xt7zcHGFxI+uN

    Score
    1/10
    behavioral2

    • Target

      Moon-Predictor-v2-main/Moon-Predictor-v2/Guna.UI2.dll

    • Size

      2.3MB

    • MD5

      b7cf1039d089511ff4594d0796dc966b

    • SHA1

      e41d50c48f5381da01ed43967d1024fdaaeedd81

    • SHA256

      9143707613cfa106fc4d7177e6e9f8a544738989b6167cd6578101f1bdb0927a

    • SHA512

      6627a7a810c78a94ff1d52b14d071f8aabd71a2e6b521d2fcea7d865d94f5bcb1dd890f1b93b292035b20127507e32c11c215268e00510e5bf28c6132a4ce2a4

    • SSDEEP

      49152:DpR548WTt9kUHdvAmZL0Th+1n9fr2flQChRigKw1:54JErh0gz1

    Score
    1/10
    behavioral3

    • Target

      Moon-Predictor-v2-main/Moon-Predictor-v2/Moon Predictor V2 (1).exe

    • Size

      14.2MB

    • MD5

      11afed49123fd774af33550dae13777a

    • SHA1

      f02c2409c589f76a1639cef002dda5f7f538e98d

    • SHA256

      07266653b14ff50a02d0be770e90e102d766cede26e92bd43eb61255c5931fca

    • SHA512

      303d1eae5e242b0c831bf235705e57d0cb92c65387d7fe7279da364100f402c2212f48972cb6dbb64c951c704ebbd7af2081164bc8884b79064d2ba15e16fd55

    • SSDEEP

      393216:Hu7L/qdQusl7Q+q9RoWOv+9fav+NNxDnDz:HCLydQu2QdborvSiv+DxDD

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral4

    • Target

      Moon-Predictor-v2-main/Moon-Predictor-v2/README.md

    • Size

      822B

    • MD5

      bb3194842a44349ef4d088b892b0b604

    • SHA1

      e05dfd52e09303ed29ead3cfc5fde786065ed928

    • SHA256

      f417646ebbbe5a20e9ce6d61dc101285a3f3f6a9825d18e89fff643dc4f167cd

    • SHA512

      d6165341747837fe2613b4982b41bdf444629d741fd7778993ee93a292a1e2664cafb7582d35503476907ed2b077caa1c146f3266712c57d5edefa2ed1aabd15

    Score
    3/10
    behavioral5

    • Target

      Moon-Predictor-v2-main/Moon-Predictor-v2/keys & pastebins.txt

    • Size

      1KB

    • MD5

      0f263441109f01d9030b133447b69ef4

    • SHA1

      863c1c754db24afa7307f0ce7b6a34843e9dc028

    • SHA256

      3b12f3e496cfe49cd04f343e9cbe9b1df995e300ddd3480a6a0c2b3d9bd399f8

    • SHA512

      19b97c58b6c7da769d0d5bca17d1d7c945f7490749f6624ce22eda1882803bb84a80f07fd726616ce7fe03dacb3c0730d7c60a082951eb2d20a95dd6d4f7f4f4

    Score
    1/10
    behavioral6

    • Target

      Moon-Predictor-v2-main/README.md

    • Size

      1KB

    • MD5

      1dfba5f607e58b75a1e52f824cc0fd63

    • SHA1

      5251484e4ba429287bf7397ecda1eca20b4e10f1

    • SHA256

      957adc7f48441c002cc653452755b4b3a5aa90d0a5740fb97e83e646a179618c

    • SHA512

      06144dd9094a5ac775dcae1486a5c2948f80e4a1eb5084302ae80ed8b108124cb7a41d242fc8e28c30d96a68f3a9ce231c79b51b1f396940b6346eafc2a86fbc

    Score
    3/10
    behavioral7

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

2
T1552

Credentials In Files

2
T1552.001

Discovery

Process Discovery

1
T1057

System Information Discovery

2
T1082

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks