47d3d33039e6ab56238dc47adebcaf95 | Triage

Sharing

General

Target

47d3d33039e6ab56238dc47adebcaf95
Size

148KB
MD5

47d3d33039e6ab56238dc47adebcaf95
SHA1

8dbc14af2a71771345761ac6d08ade6822a4dafc
SHA256

5db6d20406786db8cdeb64fa335009cdf5404be3b4723359abf2fd95758b451f
SHA512

dfdcde71f2659df0178e7745e8c3396f63ee5091eb523de2bc2b4b13c2801b672477a600821592681c61c436d21314473f6c0886ada769c7049f660f1378de08
SSDEEP

3072:MPTRbzEI2ZyhdxIb8B8wl759TP/6If33qO2VKPlTBfRRrK:sRbWZUSwl3f33qO2VKlTBJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47d3d33039e6ab56238dc47adebcaf95

Files

47d3d33039e6ab56238dc47adebcaf95
.dll windows:4 windows x86 arch:x86

77039296ad5c841987927924af51993d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

picn20

PegasusUnload@8
_PicOp32@8
PegasusLoadFromRes@16

kernel32

GetProcessHeap
HeapReAlloc
HeapFree
HeapAlloc

Exports

Exports

_Pegasus@8

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ