ArkaInjector[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ArkaInjector.exe
Size

7.0MB
MD5

13cecf03e4974de45e37ccb801952bcf
SHA1

e54c84e9d34c02c03567196619486d886b7e759c
SHA256

23cbe71f6c3184b10c5f53afe0c559da2bac73dd9c67762d1c508b8978ea306b
SHA512

3bb5bb3af06f28bbc6151362bb6451dee5c58af944872ffd9945657e7e2641cbc214d5a41f546ab90ef7fd02288a2306bcd0ee83442f63e464c7d84ffaadf70c
SSDEEP

196608:N67bC3JwvBEen8JtsJTaPsc2px+/BKSUQWJzhEEO3CWuv3J09w:N6/KwZVJTa0c2/+AbeHCWuPJ09w

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ArkaInjector.exe

Files

ArkaInjector.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

DotNetRuntimeDebugHeader

Sections

Size: 317KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1.3MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hydrated
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.3MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 7KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 150KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 317KB - Virtual size: 726KB

Size: 1.3MB - Virtual size: 3.1MB

hydrated Size: - Virtual size: 1.2MB

Size: 1.3MB - Virtual size: 2.7MB

Size: 7KB - Virtual size: 121KB

Size: 150KB - Virtual size: 260KB

Size: 1024B - Virtual size: 1KB

Size: 2KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 6.4MB

.boot Size: 3.9MB - Virtual size: 3.9MB

.reloc Size: 16B - Virtual size: 4KB

hydrated
Size: - Virtual size: 1.2MB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 6.4MB

.boot
Size: 3.9MB - Virtual size: 3.9MB

.reloc
Size: 16B - Virtual size: 4KB