General

  • Target

    Moon-Predictor-v2-main (1).zip

  • Size

    15.3MB

  • MD5

    37ff9f227cba62bc3c853d4b2a356ccf

  • SHA1

    d5cb38fcb55f1b24ad27bc8d72c990735c0909f2

  • SHA256

    7c466c3a0668cc8ac5a189a374d8e8544c05d53f12c7f84516a5fa5b0ded8244

  • SHA512

    f43c7dd84ab6d52a5e3a434d639ce2545a4e52c1aa262f51bb4725ca2ee24017c04b776d43f544fa10eb2474feba1f7a5d46c0224f358cd166a2183b6d77043a

  • SSDEEP

    393216:IvRsHxZ/P5383bl0qUrNoto4sdS2KyzjXbDxCRVHv+wR0:02RZn53iGqc6tondVKy3rlCRtv/0

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Obfuscated with Agile.Net obfuscator 2 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Moon-Predictor-v2-main (1).zip
    .zip
  • Moon-Predictor-v2-main/Moon-Predictor-v2/Bunifu_UI_v1.5.3.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Moon-Predictor-v2-main/Moon-Predictor-v2/Guna.UI2.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Moon-Predictor-v2-main/Moon-Predictor-v2/Moon Predictor V2 (1).exe
    .exe windows:5 windows x64 arch:x64

    ba5546933531fafa869b1f86a4e2a959


    Headers

    Imports

    Sections

  • Creal.pyc
  • Moon-Predictor-v2-main/Moon-Predictor-v2/README.md
  • Moon-Predictor-v2-main/Moon-Predictor-v2/keys & pastebins.txt
  • Moon-Predictor-v2-main/README.md