1c684f5ca3184de03463efbeb6a87550_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1c684f5ca3184de03463efbeb6a87550_NeikiAnalytics.exe
Size

47KB
MD5

1c684f5ca3184de03463efbeb6a87550
SHA1

3e8174f1606f62e6687aef1ce8495c153849de2e
SHA256

3376e6a4ada202862502619f79989013d448e62f3e0f14968442298c3c3217df
SHA512

da5d9d7e8a26604a4d9503ec81824f120f7030a570cf9e6161275fa82fbab739f0df1742b54a8ffec20b18a9860403506cdad834951b477b30d20d3774c74ea8
SSDEEP

768:a1UUzY2zNIO6jbSMLuZ9ekVGHhHMXwzJqg/NF/eBLa06TXSkldD:ipzf9ekQhswnTrldD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c684f5ca3184de03463efbeb6a87550_NeikiAnalytics.exe

Files

1c684f5ca3184de03463efbeb6a87550_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

119f9d89de13cf1cbd9166a7e9f2c879

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\BuildMachine\jobs\All\workspace\Leaf\build\Windows\p2p\p2pclient\p2pnative\Release\lnp2pnative.pdb

Imports

lnp2p

recv_p2ppkt_p2p
send_p2ppkt_peer_p2p
send_p2ppkt_p2p
get_packet_proc_data_p2p
del_route_rule_p2p
add_route_rule_inoutp_p2p
add_route_rule_inp_p2p
add_route_rule_p2p
apply_route_rules_p2p
get_peer_ip_p2pconn
reject_p2pconn
open_named_pgrs_p2pconn
get_p2pconn_hndlr
close_p2pconn
open_adata_mtype_pgrs_p2pconn
open_adata_pgrs_p2pconn
open_mtype_pgrs_p2pconn
open_pgrs_p2pconn
set_p2pparam_int_p2p
set_p2pparam_p2p
get_ip_p2p
stop_p2p
start_lstnr_alstnr_p2p
cleanup_param_p2p
set_param_int_p2p
set_param_p2p
destroy_p2p
free_p2p
alloc_p2p
init_p2p

kernel32

TlsGetValue
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
TerminateProcess

Exports

Exports

_add_route_rule_inoutproc_p2p_native@40
_add_route_rule_inproc_p2p_native@32
_add_route_rule_p2p_native@28
_apply_route_rules_p2p_native@4
_cleanup_param_all_p2p_native@0
_close_p2pconn_native@4
_del_route_rule_p2p_native@28
_destroy_p2p_native@0
_get_ip_p2p_native@4
_get_ip_p2pconn_native@8
_init_p2p_native@0
_open_adata_mtype_p2pconn_native@20
_open_adata_p2pconn_native@16
_open_enc_adata_mtype_p2pconn_native@24
_open_enc_adata_p2pconn_native@20
_open_enc_mtype_p2pconn_native@20
_open_enc_p2pconn_native@16
_open_mtype_p2pconn_native@16
_open_named_p2pconn_native@16
_open_p2pconn_native@12
_recv_p2ppkt_native@12
_reject_named_p2pconn_native@12
_send_p2ppkt_native@8
_send_peer_p2ppkt_native@12
_set_p2pparam_intn_p2p_native@8
_set_p2pparam_strn_p2p_native@8
_set_param_intn_p2p_native@8
_set_param_strn_p2p_native@8
_start_p2p_alstnr_lkey_native@20
_start_p2p_alstnr_native@16
_start_p2p_native@12
_stop_p2p_native@0

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119f9d89de13cf1cbd9166a7e9f2c879

Headers

File Characteristics

PDB Paths

Imports

lnp2p

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB