BunnyLoader v1.0 | Native C/C++ FileLess Loader & Stealer + Much More! Price: $250 09-04-2023, 05:58 PM
#1
A. Introduction - > BunnyLoader is a loader-malware that designed to load other types of malware based on the attackers choice. BunnyLoader's FileLess loading capability makes it difficult for anti viruses to remove the attackers malware. This loader also has stealer and clipper functions to extract sensitive data and proactively replace copied crypto wallet addresses with the attacker's wallet. The loader is written in C/ C++ for some fast task performance.
B. Web panel features - >
1. Dark and modern CnC
2. Has 5 different sections
3. Statistics section shows the amount of received stealer logs, total clients, connected clients, disconnected clients and active tasks
4. Clients section posts information about the target computer ( Country, Hostname, IP, Version, System, Privileges, State, Anti Virus, Date ) and an "Action" column with a reverse shell feature. It allows the attacker to remotely send cmd commands and receive the output in real time.
5. Tasks section shows the current active tasks, it posts task information ( ID, Parameters, Creation Date, Action ) and a selectable box with available tasks.
6. Available tasks:
- > Trojan Downloader: Download & Execute (Fileless Execution) and Download & Execute (Disk execution)
* Please note that Fileless execution is ONLY for native files with the size no more than 1MB.
- > Stealer: Run Stealer
- > Clipper: Bitcoin, Monero, Ethereum, Litecoin, Dogecoin, ZCash, and Tether USDT
7. Settings section allows an attacker to make changes to the CnC database at a click of a button:
- > Clear All Clients
- > Clear Active Clients
- > Clear Inactive Clients
- > Clear Active Tasks
- > Clear Stealer Logs
8. Stealer Logs section posts some info about the target computer with the number of recovered data like Chromium Data, Messages, and Wallets with a button to download them.
C. Client features - >
1. Anti analysis
2. Ability to load malware Filelessly or Dropping it to disk ( based on the attacker's choice )
3. Proactive clipper
4. Will handle reverse shell commands and send the output to the CnC
5. Will handle tasks sent by the CnC
6. Stealer features: Supports 40 Chromium Browsers, 5 messaging clients ( Tox, Signal, Skype, ICQ, Element ), 8 desktop wallets ( Armory, Bytecoin, Jaxx, Exodus, Ethereum, Electrum, AutomicWallet, Coinomi )
7. recovers Passwords and Autofills from browsers
7. Will send heartbeats to the CnC every 10 seconds and mark the client as connected. If the client is inactive and hadn't sent any heartbeats in 20 seconds then the CnC will mark the client as disconnected
D. Price: $250 for lifetime
E. MUST READ - >
the customers will be receiving the BunnyLoader payload and has no persistence ( startup ). so thats why the customers will have to crypt it or use a private stub that HAS persistence ( startup ).
the customers will need to install wamp control server to host the panel and the rest of the instructions will be given to the buyers.
Tg Channel: t[.]me/bunnyLoader_support
B. Web panel features - >
1. Dark and modern CnC
2. Has 5 different sections
3. Statistics section shows the amount of received stealer logs, total clients, connected clients, disconnected clients and active tasks
4. Clients section posts information about the target computer ( Country, Hostname, IP, Version, System, Privileges, State, Anti Virus, Date ) and an "Action" column with a reverse shell feature. It allows the attacker to remotely send cmd commands and receive the output in real time.
5. Tasks section shows the current active tasks, it posts task information ( ID, Parameters, Creation Date, Action ) and a selectable box with available tasks.
6. Available tasks:
- > Trojan Downloader: Download & Execute (Fileless Execution) and Download & Execute (Disk execution)
* Please note that Fileless execution is ONLY for native files with the size no more than 1MB.
- > Stealer: Run Stealer
- > Clipper: Bitcoin, Monero, Ethereum, Litecoin, Dogecoin, ZCash, and Tether USDT
7. Settings section allows an attacker to make changes to the CnC database at a click of a button:
- > Clear All Clients
- > Clear Active Clients
- > Clear Inactive Clients
- > Clear Active Tasks
- > Clear Stealer Logs
8. Stealer Logs section posts some info about the target computer with the number of recovered data like Chromium Data, Messages, and Wallets with a button to download them.
C. Client features - >
1. Anti analysis
2. Ability to load malware Filelessly or Dropping it to disk ( based on the attacker's choice )
3. Proactive clipper
4. Will handle reverse shell commands and send the output to the CnC
5. Will handle tasks sent by the CnC
6. Stealer features: Supports 40 Chromium Browsers, 5 messaging clients ( Tox, Signal, Skype, ICQ, Element ), 8 desktop wallets ( Armory, Bytecoin, Jaxx, Exodus, Ethereum, Electrum, AutomicWallet, Coinomi )
7. recovers Passwords and Autofills from browsers
7. Will send heartbeats to the CnC every 10 seconds and mark the client as connected. If the client is inactive and hadn't sent any heartbeats in 20 seconds then the CnC will mark the client as disconnected
D. Price: $250 for lifetime
E. MUST READ - >
the customers will be receiving the BunnyLoader payload and has no persistence ( startup ). so thats why the customers will have to crypt it or use a private stub that HAS persistence ( startup ).
the customers will need to install wamp control server to host the panel and the rest of the instructions will be given to the buyers.
Tg Channel: t[.]me/bunnyLoader_support
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)