General
-
Target
Moon-Predictor-v2-main.zip
-
Size
15.3MB
-
Sample
240816-d1rtsssgne
-
MD5
37ff9f227cba62bc3c853d4b2a356ccf
-
SHA1
d5cb38fcb55f1b24ad27bc8d72c990735c0909f2
-
SHA256
7c466c3a0668cc8ac5a189a374d8e8544c05d53f12c7f84516a5fa5b0ded8244
-
SHA512
f43c7dd84ab6d52a5e3a434d639ce2545a4e52c1aa262f51bb4725ca2ee24017c04b776d43f544fa10eb2474feba1f7a5d46c0224f358cd166a2183b6d77043a
-
SSDEEP
393216:IvRsHxZ/P5383bl0qUrNoto4sdS2KyzjXbDxCRVHv+wR0:02RZn53iGqc6tondVKy3rlCRtv/0
Behavioral task
behavioral1
Sample
Moon-Predictor-v2-main/Moon-Predictor-v2/Bunifu_UI_v1.5.3.dll
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
Moon-Predictor-v2-main/Moon-Predictor-v2/Bunifu_UI_v1.5.3.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Moon-Predictor-v2-main/Moon-Predictor-v2/Guna.UI2.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
Moon-Predictor-v2-main/Moon-Predictor-v2/Guna.UI2.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Moon-Predictor-v2-main/Moon-Predictor-v2/Moon Predictor V2 (1).exe
Resource
win7-20240705-en
Behavioral task
behavioral6
Sample
Moon-Predictor-v2-main/Moon-Predictor-v2/Moon Predictor V2 (1).exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Moon-Predictor-v2-main/Moon-Predictor-v2/Bunifu_UI_v1.5.3.dll
-
Size
516KB
-
MD5
8cd9953ff0283305f3998f6893c7d244
-
SHA1
db906639e1b164bb813e3e94e548a4c5549bd36e
-
SHA256
0a3f02ad6a8f319b352f4ab3222bd57d9699882db065fb344b9828243b1d0015
-
SHA512
3121712026e63ae2c9df423c24511249895e773a5e56f3fd19dff89eefe58042c990afcd7ffba21bf9f181045b9b4d9f439c7e69114f0f9282adbd707558e133
-
SSDEEP
12288:MykYXttq4mBpDetgo3DcHGF2HcvHWUSA9uN:iYi4Xt7zcHGFxI+uN
Score1/10 -
-
-
Target
Moon-Predictor-v2-main/Moon-Predictor-v2/Guna.UI2.dll
-
Size
2.3MB
-
MD5
b7cf1039d089511ff4594d0796dc966b
-
SHA1
e41d50c48f5381da01ed43967d1024fdaaeedd81
-
SHA256
9143707613cfa106fc4d7177e6e9f8a544738989b6167cd6578101f1bdb0927a
-
SHA512
6627a7a810c78a94ff1d52b14d071f8aabd71a2e6b521d2fcea7d865d94f5bcb1dd890f1b93b292035b20127507e32c11c215268e00510e5bf28c6132a4ce2a4
-
SSDEEP
49152:DpR548WTt9kUHdvAmZL0Th+1n9fr2flQChRigKw1:54JErh0gz1
Score1/10 -
-
-
Target
Moon-Predictor-v2-main/Moon-Predictor-v2/Moon Predictor V2 (1).exe
-
Size
14.2MB
-
MD5
11afed49123fd774af33550dae13777a
-
SHA1
f02c2409c589f76a1639cef002dda5f7f538e98d
-
SHA256
07266653b14ff50a02d0be770e90e102d766cede26e92bd43eb61255c5931fca
-
SHA512
303d1eae5e242b0c831bf235705e57d0cb92c65387d7fe7279da364100f402c2212f48972cb6dbb64c951c704ebbd7af2081164bc8884b79064d2ba15e16fd55
-
SSDEEP
393216:Hu7L/qdQusl7Q+q9RoWOv+9fav+NNxDnDz:HCLydQu2QdborvSiv+DxDD
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Drops startup file
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates processes with tasklist
-