PPPwn GUI 1[.]3[.]exe | Triage

Sharing

General

Target

PPPwn GUI 1.3.exe
Size

20.6MB
MD5

3c9ee19a60ef37cade44e9a4531e584d
SHA1

60fc5fd9cb948a8e6774d15328b3338f1bb9fe31
SHA256

7ee312d9045362745f327d6218e113f191d31079e1a162a03b5e2c83d33b56c3
SHA512

d03ce396746129a3e8d60b8f4bb492033344a6bb2f248accc5fd88c8ed89c73eb5789f7e758c247bffff72537e44270950bb78d742cf2368ab84adb72a87b4e3
SSDEEP

393216:ogB1FKVWoF0k6RQvWGCGHracMrDyKON/63/V2gUIWQHS+mKjOAOHe:ogB1MDB6O3CaarU63/YtIpmKjOxe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PPPwn GUI 1.3.exe

Files

PPPwn GUI 1.3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mjZ
Size: - Virtual size: 13.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.NP:
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!vI
Size: 20.5MB - Virtual size: 20.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ