PPPwn GUI 1[.]7[.]exe | Triage

Resubmissions

22-07-2024 06:31

240722-g94fqstbnq 3

22-07-2024 06:30

240722-g9tljatbmp 4

22-07-2024 06:30

240722-g9j24atapk 3

22-07-2024 06:28

240722-g8eqzssgql 7

Sharing

General

Target

PPPwn GUI 1.7.exe
Size

5.0MB
MD5

b30ac58118321a59c014ccc1a3e123e7
SHA1

047b21fec30c4c30dbd5c6a49dfa8186d28a7d06
SHA256

3b9cd8462139134f74bb60f08a87f9767cfeaf34092a1b3dfb2c84e0f1172d6b
SHA512

73c5510c09efd388c2ba490a97afad3fe85903427ec257ef8a641ae638cccc18f330fa710f3006b49766316183ebcbb197aae9b280edec43ac98ace40a5f9dff
SSDEEP

98304:ACg7NvE0ACgb/1QF6RtxFVbDnzZLWE9uRE10oyGCGxh3Rv7uebyNC92VIfrKgop2:AC6E9C2eURPLMzaWo19T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PPPwn GUI 1.7.exe

Files

PPPwn GUI 1.7.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.9Gc
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

..Hu
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Bl7
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ