Report - github.com/aldostools/PPPwnUI/releases/download/3.32/PPPwnUI-3.32b-Full.zip

Report Overview

Visited public
2025-01-30 21:20:49
Tags
URL
github.com/aldostools/PPPwnUI/releases/download/3.32/PPPwnUI-3.32b-Full.zip
Finishing URL
about:privatebrowsing
IP / ASN
140.82.121.3
#36459 GITHUB
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
github.com	1423	2007-10-09	2016-07-13	2025-01-29	541 B	4.3 kB	140.82.121.3
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2025-01-29	977 B	7.9 MB	185.199.111.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
objects.githubusercontent.com/github-production-release-asset-2e65be/798545298/fbdb41d4-e21f-476f-b3cf-8e7d5761db5f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250130T212017Z&X-Amz-Expires=300&X-Amz-Signature=ab4c74d9569b6d10e0629b9050730ac208590ba33a95c99d337eb9984b492926&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnUI-3.32b-Full.zip&response-content-type=application%2Foctet-stream
IP
185.199.111.133
ASN
#54113 FASTLY

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
7.9 MB (7938948 bytes)
Hash
0bc3cdba7d4fa8558ceef3c9faa946d2
7d8f02fa06da0bdc81cf61554ff5579abbd2ef53
41156b90d30d4b6de30f79ac9e09f3ca3d083aedb95723c456affe6fb1d60cd8

Archive (250)

Filename

Md5

File type

clean.bat

6807abac1d41c4a62f7d1f1f49fd4cee

DOS batch file, ASCII text

done.bat

46772019c73df37533d498d61a1f1409

ASCII text

install_requirements.bat

0adcaa64ab12e70720287c0522bbe402

DOS batch file, ASCII text

install_requirements.sh

3fd06d9d52b0837794a2a45a1cef74dc

ASCII text

LICENSE

ebe7a3ede47830a32a71c672c2896d6a

ASCII text

logo.ico

d8b62265391c968952e919e2b933994f

MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel

logo.png

aef1e7f11d3ae39f6ee8167647eea1e5

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo1.png

d0e33fe28cb0ec4226515abb54ad58a8

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo2.png

404d632e9358c5271c76d0cb1389ce79

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo3.png

eef9d60e3e22cdd6ae9a4d5917e9b9d5

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo4.png

bc1df04e0ddc2637ebcd0ea328f54ce1

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo5.png

f17c5e869deb3d3774afcbe2edbe7f18

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo6.png

3fd82581afb008ed3de3ca3fe5c258aa

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

logo7.png

96908b4c74e8acf625955959ca98b3d2

PNG image data, 580 x 65, 8-bit/color RGB, non-interlaced

stage1_1000.bin

99b8083ac07bed4bf555f0ec02a7ffa4

data

stage1_1001.bin

99b8083ac07bed4bf555f0ec02a7ffa4

data

stage1_1050.bin

44f3cc05520077899c0cd51422811013

data

stage1_1070.bin

44f3cc05520077899c0cd51422811013

data

stage1_1071.bin

44f3cc05520077899c0cd51422811013

data

stage1_1100.bin

565a3867eb66b0baafdeb812037c95f8

data

stage1_700.bin

1da7b4d77bcb45cbfef127c0b2892284

data

stage1_701.bin

1da7b4d77bcb45cbfef127c0b2892284

data

stage1_702.bin

1da7b4d77bcb45cbfef127c0b2892284

data

stage1_750.bin

8f8d7e2777d51905e5b4e15a27a38219

data

stage1_751.bin

8f8d7e2777d51905e5b4e15a27a38219

data

stage1_755.bin

8f8d7e2777d51905e5b4e15a27a38219

data

stage1_800.bin

896e8f979ea9621107546b49ec00ed86

data

stage1_801.bin

896e8f979ea9621107546b49ec00ed86

data

stage1_803.bin

896e8f979ea9621107546b49ec00ed86

data

stage1_850.bin

411aab2f9f2947d66286c9dd8c9b7a63

data

stage1_852.bin

411aab2f9f2947d66286c9dd8c9b7a63

data

stage1_900.bin

ab7db32dbe6c6e4e8f80d642a41f5d05

data

stage1_903.bin

e372c39870ae642dd32c28122f6727c9

data

stage1_904.bin

e372c39870ae642dd32c28122f6727c9

data

stage1_950.bin

57749fe2519d4b987da8a4291d1d9fd7

data

stage1_951.bin

57749fe2519d4b987da8a4291d1d9fd7

data

stage1_960.bin

57749fe2519d4b987da8a4291d1d9fd7

data

ren.bat

88d8fbe5d447ff58a6764efe85581316

ASCII text, with CRLF line terminators

stage2_1000.bin

7cbd6b8a41dc0a67a61cb3f18c8e4d5c

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_1001.bin

7cbd6b8a41dc0a67a61cb3f18c8e4d5c

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_1050.bin

dc739d245a2964bbb36d4f88e285b585

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_1070.bin

dc739d245a2964bbb36d4f88e285b585

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_1071.bin

dc739d245a2964bbb36d4f88e285b585

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_1100.bin

8985053c18991ebf53bbea48e8fca67b

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_700.bin

3967e107d97c66571b425377dc90ba2b

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_701.bin

ca16956520dc8ce111856491aff89917

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_702.bin

ca16956520dc8ce111856491aff89917

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_750.bin

bfd749cd25b34373ba0184dc16165f3e

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_751.bin

bfd749cd25b34373ba0184dc16165f3e

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_755.bin

bfd749cd25b34373ba0184dc16165f3e

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_800.bin

1ae8c6d283a37ff3168c3401ac4e86a0

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_801.bin

1ae8c6d283a37ff3168c3401ac4e86a0

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_803.bin

1ae8c6d283a37ff3168c3401ac4e86a0

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_850.bin

43d399fb566f47eaf0f21ab51893b661

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_852.bin

43d399fb566f47eaf0f21ab51893b661

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_900.bin

65a8665a4a948b9be549ec6f9d7d3036

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_903.bin

9da51f25f4f326952350124f6289fa84

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_904.bin

9da51f25f4f326952350124f6289fa84

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_950.bin

bf4e3a7df4dd01a29300cb57c0323620

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_951.bin

bf4e3a7df4dd01a29300cb57c0323620

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2_960.bin

bf4e3a7df4dd01a29300cb57c0323620

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

f19a3d40795ce0511f3f3b4d2a9dd300

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

f19a3d40795ce0511f3f3b4d2a9dd300

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

17521c9a7a0e33350b1b73b9f9330676

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

17521c9a7a0e33350b1b73b9f9330676

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

17521c9a7a0e33350b1b73b9f9330676

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

0a2d3e22e0ffa3c32de38aa42456ecc3

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

4a55fb5d0a64f7df8842e1911d993871

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

f0b08d51fe0bc747d0564bb3397efbae

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

f0b08d51fe0bc747d0564bb3397efbae

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

f9c63467461441cdbe4cb442a58b949f

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

f9c63467461441cdbe4cb442a58b949f

DOS executable (COM), start instruction 0xe96e0700 00534889

stage2.bin

f9c63467461441cdbe4cb442a58b949f

DOS executable (COM), start instruction 0xe96e0700 00534889

stage1.bin

565a3867eb66b0baafdeb812037c95f8

data

stage2-1gb.bin

81522e5f1ab7438d62de7bf1c3704049

DOS executable (COM), start instruction 0xe93e3e00 00662e0f

stage2-2gb.bin

bc26131567ddbd60bd98b6ee9fabbcc9

DOS executable (COM), start instruction 0xe93e3e00 00662e0f

stage2-3gb.bin

a72b6db1d7009e3344431941a687cf94

DOS executable (COM), start instruction 0xe93e3e00 00662e0f

stage2-4gb.bin

009008bd604b9dd158601b3d6b1770ff

DOS executable (COM), start instruction 0xe93e3e00 00662e0f

offsets.py

d2cff007676aa9ba533bb831b9a7dfa6

ASCII text

pppwn.py

d9ae5e3d52bd9cebf608d3b8eb7a7829

Python script, ASCII text executable

pppwn_cpp

6c0af3bf852bc6454288c2a468edc726

ELF 64-bit LSB executable, x86-64, version 1 (SYSV)

pppwn_cpp.exe

78c3af6fd7954c44399d4bb3c2161ad1

PE32 executable (console) Intel 80386, for MS Windows, UPX compressed, 3 sections

pppwn_go

274d9d5bc98a8a1522df71f91c0503da

ELF 64-bit LSB executable, x86-64, version 1 (SYSV)

pppwn_go.exe

9176710670a044d5d8213fb49f58fe45

PE32+ executable (console) x86-64, for MS Windows, 3 sections

stage2.bin

7cbd6b8a41dc0a67a61cb3f18c8e4d5c

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

7cbd6b8a41dc0a67a61cb3f18c8e4d5c

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

dc739d245a2964bbb36d4f88e285b585

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

dc739d245a2964bbb36d4f88e285b585

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

dc739d245a2964bbb36d4f88e285b585

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

8985053c18991ebf53bbea48e8fca67b

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

3967e107d97c66571b425377dc90ba2b

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

ca16956520dc8ce111856491aff89917

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

ca16956520dc8ce111856491aff89917

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

bfd749cd25b34373ba0184dc16165f3e

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

bfd749cd25b34373ba0184dc16165f3e

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

bfd749cd25b34373ba0184dc16165f3e

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

1ae8c6d283a37ff3168c3401ac4e86a0

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

1ae8c6d283a37ff3168c3401ac4e86a0

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

1ae8c6d283a37ff3168c3401ac4e86a0

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

43d399fb566f47eaf0f21ab51893b661

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

43d399fb566f47eaf0f21ab51893b661

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

65a8665a4a948b9be549ec6f9d7d3036

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

9da51f25f4f326952350124f6289fa84

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

9da51f25f4f326952350124f6289fa84

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

bf4e3a7df4dd01a29300cb57c0323620

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

bf4e3a7df4dd01a29300cb57c0323620

DOS executable (COM), start instruction 0xe96e0100 00534889

stage2.bin

bf4e3a7df4dd01a29300cb57c0323620

DOS executable (COM), start instruction 0xe96e0100 00534889

stage1.bin

99b8083ac07bed4bf555f0ec02a7ffa4

data

stage1.bin

99b8083ac07bed4bf555f0ec02a7ffa4

data

stage1.bin

44f3cc05520077899c0cd51422811013

data

stage1.bin

44f3cc05520077899c0cd51422811013

data

stage1.bin

44f3cc05520077899c0cd51422811013

data

stage1.bin

565a3867eb66b0baafdeb812037c95f8

data

stage1.bin

1da7b4d77bcb45cbfef127c0b2892284

data

stage1.bin

1da7b4d77bcb45cbfef127c0b2892284

data

stage1.bin

1da7b4d77bcb45cbfef127c0b2892284

data

stage1.bin

8f8d7e2777d51905e5b4e15a27a38219

data

stage1.bin

8f8d7e2777d51905e5b4e15a27a38219

data

stage1.bin

8f8d7e2777d51905e5b4e15a27a38219

data

stage1.bin

896e8f979ea9621107546b49ec00ed86

data

stage1.bin

896e8f979ea9621107546b49ec00ed86

data

stage1.bin

896e8f979ea9621107546b49ec00ed86

data

stage1.bin

411aab2f9f2947d66286c9dd8c9b7a63

data

stage1.bin

411aab2f9f2947d66286c9dd8c9b7a63

data

stage1.bin

ab7db32dbe6c6e4e8f80d642a41f5d05

data

stage1.bin

e372c39870ae642dd32c28122f6727c9

data

stage1.bin

e372c39870ae642dd32c28122f6727c9

data

stage1.bin

57749fe2519d4b987da8a4291d1d9fd7

data

stage1.bin

57749fe2519d4b987da8a4291d1d9fd7

data

stage1.bin

57749fe2519d4b987da8a4291d1d9fd7

data

stage2.bin

c47aac0b66cc4152d33e69efb1556d24

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

c47aac0b66cc4152d33e69efb1556d24

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

ce4efca2a859fe4b1c576326f7c39123

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

ce4efca2a859fe4b1c576326f7c39123

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

ce4efca2a859fe4b1c576326f7c39123

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

6a7d869f62fe7843b9444a70aaf244ec

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

7f3831bfab6e9bed912859044e0d8736

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

7f3831bfab6e9bed912859044e0d8736

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

7f3831bfab6e9bed912859044e0d8736

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

55b04f9bba03ae62472de6205ad73356

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

55b04f9bba03ae62472de6205ad73356

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

55b04f9bba03ae62472de6205ad73356

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

9e619b05c810a3de338eab47d5e5c457

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

9e619b05c810a3de338eab47d5e5c457

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

9e619b05c810a3de338eab47d5e5c457

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

3bbc04fa7e0ce40606b7c7a02c3f19c7

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

3bbc04fa7e0ce40606b7c7a02c3f19c7

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

8005740f505fcdff1d0863c036f358e2

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

d4f59f9eec854e388c339f3655773cff

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

d4f59f9eec854e388c339f3655773cff

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

160b8107fcba533cfa5e3abfaadd0d39

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

160b8107fcba533cfa5e3abfaadd0d39

DOS executable (COM), start instruction 0xe94d0000 00534889

stage2.bin

160b8107fcba533cfa5e3abfaadd0d39

DOS executable (COM), start instruction 0xe94d0000 00534889

PPPwnUI.bat

ffdfdf273b99239a0ea739bf63afa66e

ASCII text, with CRLF line terminators

PPPwnUI.py

1165f00b4b476c7706a0d29e17a813ad

Python script, Unicode text, UTF-8 text executable

PPPwnUI.sh

76c6996b1e91fc7e9f15a79fa833f217

Bourne-Again shell script, ASCII text executable

README.md

35133c8e0e3de472135b15be29a7e888

Unicode text, UTF-8 text, with CRLF line terminators

requirements.txt

3fc36e7c867ce74edf66b6741793d523

ASCII text

ResetNetwork.bat

8e2978756f03ef488f8cf8f7f3e409b6

ASCII text, with CRLF line terminators

CHANGELOG.md

efd52ab3ddc7f58be97ba9b4d7267cab

ASCII text

CHEATMENU.md

ef52316c0be9c4c6f0a57efe05d6d148

Unicode text, UTF-8 text

goldhen_2.3_505.bin

16e9e84eeed57c2e03b4894a0c15e430

DOS executable (COM), start instruction 0xe9661000 00f30f1e

goldhen_2.3_672.bin

f38fd8142593ba944206ce89382c428d

DOS executable (COM), start instruction 0xe9661000 00f30f1e

goldhen_2.3_900.bin

db7ed7262f90d2f9f8342b1ae57179f5

DOS executable (COM), start instruction 0xe9661000 00f30f1e

goldhen_2.4b16.2.bin

31abb6135a6ad2ae4d84e9bbee0ac78e

DOS executable (COM), start instruction 0xe9371100 00f30f1e

goldhen_2.4b17.2.bin

c4afd6c81cccd67309c0081f4112f824

DOS executable (COM or COMBOOT 16-bit), maybe with interrupt 22h, start instruction 0xe9861100 00f30f1e

goldhen_2.4b17.3.bin

5ee79e8fc7e0f9f09d10d1a26a513f5e

DOS executable (COM), start instruction 0xe9861100 00f30f1e

goldhen_2.4b17.bin

90ccd6f7cb8c5d8a2c0957d2814d0d6b

DOS executable (COM), start instruction 0xe9861100 00f30f1e

goldhen_2.4b18.2.bin

9caeb9afa1e26d80d0e293ade0446b10

DOS executable (COM), start instruction 0xe9d21100 00f30f1e

goldhen_2.4b18.bin

78c655db47c395434715fce94fa86743

DOS executable (COM), start instruction 0xe9861100 00f30f1e

goldhen_lite_1.0_900.bin

ed928298dbbbb67c7442a3998ed7e02d

DOS executable (COM), start instruction 0xe9881000 00f30f1e

payload.bin

ccc2140c65f30af46fbb6aee167017ac

DOS executable (COM), start instruction 0xe9970200 00f30f1e

README.md

f63025c0b08f0c943040f8ce478a3b7c

ASCII text

THANKS.md

169086935b81d13351c30f526b535ba1

ASCII text, with CRLF line terminators

goldhen.bin

9caeb9afa1e26d80d0e293ade0446b10

DOS executable (COM), start instruction 0xe9d21100 00f30f1e

ps4-hen-1000-PPPwn-vtx.bin

38e1f0b93a59b3a1eacfd84b11f80b81

DOS executable (COM), start instruction 0xe98e0200 00f30f1e

ps4-hen-1001-PPPwn-vtx.bin

de7a880eede9318b41a883aa7dc923cd

DOS executable (COM), start instruction 0xe98e0200 00f30f1e

ps4-hen-1050-PPPwn-vtx.bin

50cff5d5356cd184cb5e56e71846b3eb

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-1070-PPPwn-vtx.bin

ebf9eedeb2a053b7fea2b31198b17c19

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-1071-PPPwn-vtx.bin

ebf9eedeb2a053b7fea2b31198b17c19

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-1100-PPPwn-vtx.bin

ccc2140c65f30af46fbb6aee167017ac

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-700-PPPwn-vtx.bin

259a2fbed349517939de90fd3cf102ca

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-701-PPPwn-vtx.bin

259a2fbed349517939de90fd3cf102ca

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-702-PPPwn-vtx.bin

259a2fbed349517939de90fd3cf102ca

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-750-PPPwn-vtx.bin

bd70d7919dd2e0f8cb8df59c7e7bc413

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-751-PPPwn-vtx.bin

bd70d7919dd2e0f8cb8df59c7e7bc413

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-755-PPPwn-vtx.bin

bd70d7919dd2e0f8cb8df59c7e7bc413

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-800-PPPwn-vtx.bin

db1de0517866663ec98ab0b99d2ce3ab

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-801-PPPwn-vtx.bin

db1de0517866663ec98ab0b99d2ce3ab

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-803-PPPwn-vtx.bin

5ef1339fe2741d12a31d68dd3050e8bd

DOS executable (COM), start instruction 0xe9940200 00f30f1e

ps4-hen-850-PPPwn-vtx.bin

d9f75cf066b06470b7b759f81fa87ef3

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-852-PPPwn-vtx.bin

540a9e6326a6001207fa3631b1c48275

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-900-PPPwn-vtx.bin

2b73cee8c8418410305ddc5b61dc4354

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-903-PPPwn-vtx.bin

7bc8b565a82eddf7fe70b34311be86ac

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-904-PPPwn-vtx.bin

4c6f0ccc08e5c7d6399d24e7817b7e3f

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-950-PPPwn-vtx.bin

aeae08a07e580545066b5e28e208dd4f

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-951-PPPwn-vtx.bin

a09599036497c3554dd6a73fb71f7812

DOS executable (COM), start instruction 0xe9970200 00f30f1e

ps4-hen-960-PPPwn-vtx.bin

83366364492e7f6c767a4ecfec1e1f25

DOS executable (COM), start instruction 0xe9970200 00f30f1e

README.md

ed47222a8df83dcd4c345a9326325cb5

ASCII text

config.ini

3f8469efae186bed32c51c7c1f647fd7

ASCII text, with CRLF line terminators

ps4-app-dumper.bin

f26374719d81cf977b7c1cea96789aad

DOS executable (COM), start instruction 0xe9e70c00 00f30f1e

ps4-app-dumper.png

b9e1c9aa33f566d5ab90dd182c9b2754

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-app2usb.bin

651477b9aff17928dcf988d8bee1e54d

DOS executable (COM), start instruction 0xe9381c00 00f30f1e

ps4-app2usb.png

40f1f95cd718240901e727adaa668b1b

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-backup.bin

244d620205a14a92469b7831b5de0204

DOS executable (COM), start instruction 0xe9af0000 00f30f1e

ps4-backup.png

27e5bac2818fd2ebae222026f7a35675

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-debug_v1.1.16.bin

142bb5fbab78b56443ac5e86e03ea54d

DOS executable (COM), start instruction 0xe90b1200 00662e0f

ps4-debug_v1.1.16.png

ef21cd424e70b1d4a317aec1d77c3bec

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-debug_v1.1.17.bin

7090b37730c765ea471f7595d6dd801a

DOS executable (COM), start instruction 0xe9bb1300 00662e0f

ps4-debug_v1.1.17.png

ef21cd424e70b1d4a317aec1d77c3bec

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-disable-aslr.bin

42cf453c43dceff6234748e01a41db5f

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-disable-aslr.png

2861240bdc4537d39e5b0aac7522f6d3

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-disable-updates.bin

d90b1f51009889a376755bde8f9ba3e3

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-disable-updates.png

f918283112016b8ae151f4e3d4a78a17

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-enable-browser.bin

ef34a41403b0668704fbf6e90680619f

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-enable-browser.png

68fdb429a4c9e6b42b41f6f986f597d4

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-enable-updates.bin

7fa04aa250723e63a4ecd385a1e57ea0

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-enable-updates.png

f0fb19f4b323ef720db2a51d19cd7667

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-exit-idu.bin

8fba9b6d3256cb14ac0b549ce68146e6

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-exit-idu.png

df47d89dbbbbd86ded62f17b81a81e91

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-fan-threshold.bin

da7393121ae8c754e47a17f2d470a01a

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-fan-threshold.png

ecbcaec609fdc55c40171158dfca04d6

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-firmware-dumper.bin

5697ddb725ec8d5e4e6e26068ac9dcf5

data

ps4-firmware-dumper.png

a1236b806107de80c161f6f485dbdcea

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-ftp.bin

48cea8b0c42bd26864ed76e9200cd7bc

DOS executable (COM), start instruction 0xe97d2500 00f30f1e

ps4-ftp.png

15e9133c666238e55f59f4577898261c

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-history-blocker.bin

fe825b9d3fd8bd24f598c5080e8d5c09

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-history-blocker.png

a33f4c8808827c87ce5ba08fdef77bab

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-kernel-clock.bin

e2384398b3211d391928c37123850aea

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-kernel-clock.png

26e8afc954d2b748a1cfd1f991e0830d

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-kernel-dumper.bin

08d707e41d994b8c1a18b4863cbb2338

DOS executable (COM), start instruction 0xe9b20300 00f30f1e

ps4-kernel-dumper.png

6f034945fe6f660f6e1fd9fd4e58cd21

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-module-dumper.bin

e2b0057618ed424168d4a4bcf74f46bd

DOS executable (COM), start instruction 0xe9500400 00f30f1e

ps4-module-dumper.png

2d8d1ad4ab33d1f266d581382d42e0c3

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-permanent-uart.bin

fd51309324cf8af18479a4d7fe23a9a9

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-permanent-uart.png

103b20de6e01d1e0d8a2d5835fe48588

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-PKG-Backup.bin

adfab513bfc48961398c0ede0cf0970d

DOS executable (COM), start instruction 0xe90d0d00 00f30f1e

ps4-PKG-Backup.png

27e5bac2818fd2ebae222026f7a35675

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-pup-decrypt.bin

fcfc9d024f0eeb4d1b9a5483ff8c7ab2

DOS executable (COM), start instruction 0xe9f72200 00415455

ps4-pup-decrypt.png

f3a28f9a903cc02a7dbb3a60bf5ec403

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-restore.bin

eb9b77664647af5ac2dd984e7b7121a0

DOS executable (COM), start instruction 0xe9000000 00f30f1e

ps4-restore.png

1ee891eb2c98b938c6cd34399758bac1

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-rif-renamer.bin

0815d793aeb6bfd357cf92ee502dba73

DOS executable (COM), start instruction 0xe9aa0100 00f30f1e

ps4-rif-renamer.png

266724fb374fd8ddfeceab3a9477b17b

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-todex.bin

4157ef71424592e27c9554681a4b145f

DOS executable (COM or COMBOOT 16-bit), maybe with interrupt 22h, start instruction 0xe9000000 00f30f1e

ps4-todex.png

35b8f7360a39e9dc7b3e2c4db2fafb41

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

ps4-webrte.bin

f244faa107e9be3d8068b051bcd920de

DOS executable (COM), start instruction 0xe9de0f00 00f30f1e

ps4-webrte.png

a1257ec52510d5f9e2a1842942f2e79e

PNG image data, 164 x 162, 8-bit/color RGB, non-interlaced

pup_decrypter.bin

c24a8e6483336324486f3c3520ccf06a

DOS executable (COM), start instruction 0xe9e32400 00415455

update_blocker.bin

4b8e26eed83da6ee2135901b582dd3af

DOS executable (COM), start instruction 0xe9720000 00f30f1e

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Detects a suspicious ELF binary with UPX compression
Public Nextron YARA rules	malware	Detects a suspicious ELF binary with UPX compression
Public Nextron YARA rules	malware	Detects imphash often found in malware samples (Maximum 0,25% hits with search for 'imphash:x p:0' on Virustotal) = 99,75% hits

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	github.com/aldostools/PPPwnUI/releases/download/3.32/PPPwnUI-3.32b-Full.zip	140.82.121.3	302 Found	0 B
URL User Request GET HTTP/2 github.com/aldostools/PPPwnUI/releases/download/3.32/PPPwnUI-3.32b-Full.zip IP 140.82.121.3:443 ASN #36459 GITHUB Certificate IssuerSectigo Limited Subjectgithub.com FingerprintE7:03:5B:CC:1C:18:77:1F:79:2F:90:86:6B:6C:1D:F8:DF:AA:BD:C0 ValidityThu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /aldostools/PPPwnUI/releases/download/3.32/PPPwnUI-3.32b-Full.zip HTTP/1.1 Host: github.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: GitHub.com date: Thu, 30 Jan 2025 21:20:17 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/798545298/fbdb41d4-e21f-476f-b3cf-8e7d5761db5f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250130T212017Z&X-Amz-Expires=300&X-Amz-Signature=ab4c74d9569b6d10e0629b9050730ac208590ba33a95c99d337eb9984b492926&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnUI-3.32b-Full.zip&response-content-type=application%2Foctet-stream cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com .rel.tunnels.api.visualstudio.com wss://.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/ content-length: 0 x-github-request-id: 0621:200F4B:9B84FD:A0627E:679BED11 X-Firefox-Spdy: h2

	objects.githubusercontent.com/github-production-release-asset-2e65be/798545298/fbdb41d4-e21f-476f-b3cf-8e7d5761db5f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250130T212017Z&X-Amz-Expires=300&X-Amz-Signature=ab4c74d9569b6d10e0629b9050730ac208590ba33a95c99d337eb9984b492926&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnUI-3.32b-Full.zip&response-content-type=application%2Foctet-stream	185.199.111.133	200 OK	7.9 MB
URL User Request GET HTTP/2 objects.githubusercontent.com/github-production-release-asset-2e65be/798545298/fbdb41d4-e21f-476f-b3cf-8e7d5761db5f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250130T212017Z&X-Amz-Expires=300&X-Amz-Signature=ab4c74d9569b6d10e0629b9050730ac208590ba33a95c99d337eb9984b492926&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnUI-3.32b-Full.zip&response-content-type=application%2Foctet-stream IP 185.199.111.133:443 ASN #54113 FASTLY Certificate IssuerDigiCert Inc Subject.github.io Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28 ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT File type Zip archive data, at least v1.0 to extract, compression method=store Size 7.9 MB (7938948 bytes) Hash 0bc3cdba7d4fa8558ceef3c9faa946d2 7d8f02fa06da0bdc81cf61554ff5579abbd2ef53 41156b90d30d4b6de30f79ac9e09f3ca3d083aedb95723c456affe6fb1d60cd8 HTTP Headers GET /github-production-release-asset-2e65be/798545298/fbdb41d4-e21f-476f-b3cf-8e7d5761db5f?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250130%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250130T212017Z&X-Amz-Expires=300&X-Amz-Signature=ab4c74d9569b6d10e0629b9050730ac208590ba33a95c99d337eb9984b492926&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DPPPwnUI-3.32b-Full.zip&response-content-type=application%2Foctet-stream HTTP/1.1 Host: objects.githubusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/octet-stream last-modified: Tue, 28 Jan 2025 17:20:52 GMT etag: "0x8DD3FC01E199D29" server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: c1b5c614-501e-0037-48aa-7133f9000000 x-ms-version: 2025-01-05 x-ms-creation-time: Tue, 28 Jan 2025 17:20:52 GMT x-ms-blob-content-md5: C8PNun1PqFWM7vPJ+qlG0g== x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob content-disposition: attachment; filename=PPPwnUI-3.32b-Full.zip x-ms-server-encrypted: true via: 1.1 varnish, 1.1 varnish fastly-restarts: 1 accept-ranges: bytes age: 0 date: Thu, 30 Jan 2025 21:20:18 GMT x-served-by: cache-iad-kiad7000074-IAD, cache-hel1410029-HEL x-cache: HIT, MISS x-cache-hits: 262, 0 x-timer: S1738272018.976153,VS0,VE102 content-length: 7938948 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (250)

Detections

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers