e2a67ced75ecf9371b950466f512c0df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2a67ced75ecf9371b950466f512c0df
Size

148KB
MD5

e2a67ced75ecf9371b950466f512c0df
SHA1

32aae28fa32c1c0ed5cef481e190e8492c5d1d2e
SHA256

408a06d06e2db2236db07e06d0dab886df2d75918e0a9f1aedf7f3f426dda1d0
SHA512

406fd916439398955028245789613f0494e677578380181647c0fc759d8f7b5f9fb194b71ca3796b362b70d828315651e51e59a80edaa1407d4087623dc2be07
SSDEEP

3072:+d/fbLEuK9ulrtqBY3fb7RTPLJW4dNx9T/FxTBfRIrK:sfbI9ur9Fxx9TtxTBJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2a67ced75ecf9371b950466f512c0df

Files

e2a67ced75ecf9371b950466f512c0df
.dll windows:4 windows x86 arch:x86

77039296ad5c841987927924af51993d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

picn20

PegasusUnload@8
_PicOp32@8
PegasusLoadFromRes@16

kernel32

GetProcessHeap
HeapReAlloc
HeapFree
HeapAlloc

Exports

Exports

_Pegasus@8

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ