PPPwnGo-v2[.]8[.]zip

Resubmissions

08-08-2024 14:15

240808-rkm3kayaqd 7

Sharing

Copy URL

Twitter E-mail

General

Target

PPPwnGo-v2.8.zip
Size

6.0MB
MD5

21e91900141c6311159ab0106bc0d18a
SHA1

a579d3af355789da5c429de40babfe71fd4600de
SHA256

59c50c50df819410c0f5ee039e5934c273d3aae71a4d1e2b45690c893e0e201d
SHA512

93a84e402920fddfe61fac631cc7b452e9a0aae24162d6baa673479a0070b632e6e4d6866945c6465efe80c676a652e9c1814c1f72ad2e64b677d72872b366f5
SSDEEP

98304:CFBBnZkzdKKONWrzMdmRZ3jXf/2FGqnASrtrvQ681IpJ2:O4sWVhjv+FGqnASrhQ6PT2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/PPPwnGo-v2.8/PPPwn/CPP/Beta/pppwn.exe	upx
static1/unpack001/PPPwnGo-v2.8/PPPwn/CPP/pppwn.exe	upx
static1/unpack001/PPPwnGo-v2.8/PPPwn/Go/Beta/pppwn.exe	upx
static1/unpack001/PPPwnGo-v2.8/PPPwn/Go/pppwn.exe	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PPPwnGo-v2.8/PPPwn/CPP/Beta/pppwn.exe
unpack001/PPPwnGo-v2.8/PPPwn/CPP/pppwn.exe
unpack001/PPPwnGo-v2.8/PPPwn/Go/Beta/pppwn.exe
unpack001/PPPwnGo-v2.8/PPPwn/Go/pppwn.exe
unpack001/PPPwnGo-v2.8/PPPwnGo.exe

Files

PPPwnGo-v2.8.zip
.zip
PPPwnGo-v2.8/PPPwn/CPP/Beta/pppwn.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 551KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PPPwnGo-v2.8/PPPwn/CPP/pppwn.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 551KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PPPwnGo-v2.8/PPPwn/Debug/CPP_debug.ini
PPPwnGo-v2.8/PPPwn/Debug/Go_debug.ini
PPPwnGo-v2.8/PPPwn/Debug/ReadMe.txt
PPPwnGo-v2.8/PPPwn/Go/Beta/pppwn.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 8.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PPPwnGo-v2.8/PPPwn/Go/pppwn.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 8.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PPPwnGo-v2.8/PPPwn/Py/offsets.py
PPPwnGo-v2.8/PPPwn/Py/pppwn.py
.py .sh linux
PPPwnGo-v2.8/PPPwnGo.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\桌面\临时\OneKey-PSGO2.7.0\OneKey-PSGO\OneKey-PSGO\obj\Debug\PPPwnGo.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PPPwnGo-v2.8/PS4_GoldHEN_all/GoldHEN vs VTX.png
.png
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-10.00/GoldHENv2.4b17.3/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-10.01/GoldHENv2.4b17.3/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-10.50(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-10.70(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-10.71(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-11.00/GoldHENv2.4b17.3/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-7.00(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-7.01(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-7.02(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-7.50(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-7.51(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-7.55(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-8.00(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-8.01(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-8.03(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-8.50(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-8.52(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.00/GoldHENv2.3/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.00/GoldHENv2.3İ/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.00/GoldHENv2.4b17.3/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.03(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.04(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.50(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.51(VTX)/payload.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/PS4-9.60/GoldHENv2.4b17.3/goldhen.bin
PPPwnGo-v2.8/PS4_GoldHEN_all/Payload˵readme.txt
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.00/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.00/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.01/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.01/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.50/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.50/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.70/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.70/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.71/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-10.71/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-11.00/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-11.00/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.00/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.00/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.01/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.01/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.02/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.02/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.50/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.50/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.51/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.51/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.55/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-7.55/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.00/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.00/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.01/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.01/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.03/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.03/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.50/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.50/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.52/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-8.52/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.00/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.00/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.03/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.03/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.04/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.04/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.50/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.50/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.51/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.51/stage2/stage2.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.60/stage1/stage1.bin
PPPwnGo-v2.8/PS4_stage_bin_all/PS4-9.60/stage2/stage2.bin
PPPwnGo-v2.8/Python!+Npcap/1.װnpcap.txt
PPPwnGo-v2.8/Python!+Npcap/2.add Python to Path.png
.png
PPPwnGo-v2.8/Python!+Npcap/3.װpython.txt
PPPwnGo-v2.8/Python!+Npcap/4.װpip˫.bat
PPPwnGo-v2.8/Python!+Npcap/5.װscapy˫.bat
PPPwnGo-v2.8/README.md
PPPwnGo-v2.8/˵.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 551KB - Virtual size: 552KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 551KB - Virtual size: 552KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 8.5MB

UPX1 Size: 1.5MB - Virtual size: 1.5MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 8.5MB

UPX1 Size: 1.5MB - Virtual size: 1.5MB

UPX2 Size: 512B - Virtual size: 4KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 96KB - Virtual size: 95KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 12B

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 551KB - Virtual size: 552KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 551KB - Virtual size: 552KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 8.5MB

UPX1
Size: 1.5MB - Virtual size: 1.5MB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 8.5MB

UPX1
Size: 1.5MB - Virtual size: 1.5MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 12B