Static task
static1
General
Target: Five Nights at Freddys-Fredbear XD.rar
Size: 218.0MB
MD5: 6defb0bb8ee1c24d99f452353930a388
SHA1: c9aa6a1a4009783bef3b97718af11633688b995b
SHA256: 1cc4b7180aad9f4e487c923ac7138a1fa5f38fb252eb6152a31e0ccf4bb78bad
SHA512: b83c4b0c65321b53a72861958e46ecf4fb79d8949bddbbe78ab9a250f68078957a75658dc9372aa8edba32fc1300f36700e7313a517ada30d38f16584ef5a55a
SSDEEP: 6291456:BFQaPGewbWf26r8dk5WymLzCqKiGfatPZtluvy7fnw:BWa5wbr6QQuL0iZtrlzw
Malware Config
Signatures
Unsigned PE (2 IoCs)
Checks for missing Authenticode signature.
resource:
unpack001/Five Nights at Freddy's/FiveNightsatFreddys.exe
unpack001/Five Nights at Freddy's/Uninstall.exe
Files
-
Five Nights at Freddys-Fredbear XD.rar.rar
-
Five Nights at Freddy's/FiveNightsatFreddys.exe.exe windows:5 windows x86 arch:x86
46f5b988d12d2c8f59d94e031172763f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
winmm
joyGetDevCapsW
timeEndPeriod
timeBeginPeriod
timeGetTime
joyGetPosEx
kernel32
GetVersionExW
GlobalDeleteAtom
GlobalAddAtomW
GetModuleHandleW
lstrlenW
GetLocaleInfoA
LockResource
VirtualProtect
VirtualQuery
SetLastError
LoadResource
SizeofResource
FindResourceA
FindResourceW
IsBadReadPtr
IsBadWritePtr
SetFilePointerEx
OutputDebugStringW
LoadLibraryExW
GetConsoleMode
GetConsoleCP
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
DeleteCriticalSection
GetTempFileNameW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
InterlockedIncrement
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedDecrement
GetProcessHeap
GetCommandLineA
HeapCompact
HeapSize
SetEnvironmentVariableW
RtlUnwind
DeleteFileW
HeapReAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
HeapAlloc
HeapFree
LoadLibraryExA
InterlockedExchange
RaiseException
GetVersion
GlobalFree
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
GetTempPathW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
FindClose
SetErrorMode
WideCharToMultiByte
GetCommandLineW
GetExitCodeProcess
GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileW
CreateDirectoryW
SetCurrentDirectoryW
CloseHandle
SetFilePointer
ReadFile
WriteFile
Sleep
GetLastError
MultiByteToWideChar
RemoveDirectoryW
GetModuleFileNameW
LoadLibraryW
GetCurrentThreadId
GetProcAddress
FreeLibrary
LCMapStringW
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetFileType
user32
GetTabbedTextExtentW
BeginPaint
EndPaint
GetUpdateRect
FillRect
PtInRect
DefMDIChildProcW
SystemParametersInfoW
IntersectRect
DrawFocusRect
InvertRect
SetRect
CreateDialogParamA
CreateDialogParamW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
DialogBoxParamA
DialogBoxIndirectParamA
DialogBoxIndirectParamW
LoadMenuA
LoadMenuW
LoadStringA
SetLastErrorEx
DestroyMenu
DrawMenuBar
GetMenuStringW
LoadMenuIndirectW
GetInputState
MapVirtualKeyW
SendDlgItemMessageW
DrawTextW
SetDlgItemTextW
GetDlgItem
SetWindowPlacement
GetWindowPlacement
PostQuitMessage
DrawEdge
GetKeyboardLayout
RemovePropW
SetPropW
GetFocus
IsIconic
CallWindowProcW
UnionRect
GetPropW
SetScrollRange
SetScrollPos
DestroyWindow
CreateWindowExW
GetParent
LoadStringW
LoadImageW
LoadIconW
GetWindow
GetTopWindow
GetClassNameW
GetDesktopWindow
SetWindowLongW
GetSysColor
MessageBoxW
RedrawWindow
UpdateWindow
SetFocus
ModifyMenuW
GetMenuItemCount
GetDlgItemTextW
GetMenuItemID
DialogBoxParamW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
RegisterClassExW
RegisterClassW
OemToCharA
GetAsyncKeyState
GetActiveWindow
ShowCursor
GetWindowRect
ReleaseCapture
SetCapture
GetKeyState
GetWindowLongW
MapWindowPoints
AdjustWindowRectEx
GetClientRect
SetWindowTextW
LockWindowUpdate
GetSystemMetrics
IsZoomed
IsWindowVisible
SetWindowPos
SendMessageW
IsDialogMessageW
SetTimer
InvalidateRect
EnableMenuItem
CheckMenuItem
GetMenu
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
ShowWindow
PostMessageW
wsprintfW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
GetKeyboardState
CopyRect
TranslateMDISysAccel
CreateIconIndirect
DestroyIcon
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
ReleaseDC
GetDC
DeleteMenu
GetSubMenu
GetMenuState
KillTimer
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
EndDialog
gdi32
SetDIBits
GetDeviceCaps
RealizePalette
SelectPalette
CreateFontIndirectW
GetObjectW
CreatePen
CreateRectRgn
CreateSolidBrush
ExcludeClipRect
GetClipRgn
GetStockObject
LineTo
Rectangle
SelectClipRgn
DeleteObject
SetBkMode
SetTextColor
MoveToEx
GetTextExtentPointW
CreateHatchBrush
GetCharWidthW
GetNearestPaletteIndex
SetBkColor
SetPolyFillMode
SetROP2
SetTextAlign
GetTextMetricsW
TextOutW
DPtoLP
LPtoDP
Polygon
CreatePalette
CreateCompatibleBitmap
SelectObject
CreateBitmap
comdlg32
GetSaveFileNameW
GetOpenFileNameW
shell32
DragAcceptFiles
ShellExecuteExW
DragQueryFileW
Sections
.text Size: 507KB - Virtual size: 507KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 296KB - Virtual size: 296KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Five Nights at Freddy's/Importante!!!.txt
-
Five Nights at Freddy's/Uninstall.exe.exe windows:4 windows x86 arch:x86
48429dd89f53d04179630bed66068bd0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
FindFirstFileW
FindNextFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
FormatMessageW
WideCharToMultiByte
CreateFileA
DeleteFileA
MoveFileA
GetFileAttributesA
SetFileAttributesA
CreateProcessA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetShortPathNameA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
GetDriveTypeA
LoadLibraryA
CopyFileA
FindFirstFileA
FindNextFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
FormatMessageA
GetVersionExW
SetErrorMode
MoveFileExW
GetCommandLineW
GetVersionExA
MoveFileW
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
LoadLibraryW
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetCurrentProcess
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
HeapReAlloc
HeapCompact
HeapAlloc
HeapFree
GetDriveTypeW
RemoveDirectoryW
CreateDirectoryW
FlushFileBuffers
GetCurrentDirectoryW
DeleteFileW
CreateFileW
Sleep
GetExitCodeProcess
MultiByteToWideChar
CloseHandle
SetFilePointer
WriteFile
ReadFile
FindClose
GetProcAddress
FreeLibrary
SetCurrentDirectoryW
GetFullPathNameW
GetShortPathNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
CreateProcessW
SetFileAttributesW
IsBadReadPtr
GetFileAttributesW
SetStdHandle
GetLastError
user32
TranslateMessage
DefWindowProcA
CallWindowProcA
EndDialog
DialogBoxParamA
LoadIconA
IsDialogMessageA
SetWindowLongA
PostQuitMessage
DestroyWindow
GetDlgItem
GetSystemMetrics
SetCursor
GetWindow
CreateDialogParamA
PeekMessageA
LoadCursorA
RegisterClassW
GetClassNameW
CreateWindowExW
FindWindowW
DefWindowProcW
CallWindowProcW
CreateDialogParamW
DialogBoxParamW
IsDialogMessageW
DrawTextW
SetWindowTextW
GetWindowLongA
SendMessageA
SendDlgItemMessageA
PostMessageA
GetMessageA
DispatchMessageA
CharToOemA
GetDlgItemTextA
SetDlgItemTextA
SetWindowTextA
DrawTextA
FindWindowA
CreateWindowExA
GetClassNameA
RegisterClassA
LoadCursorW
LoadIconW
CharToOemW
DispatchMessageW
GetMessageW
PeekMessageW
SendDlgItemMessageW
SendMessageW
PostMessageW
GetWindowLongW
SetWindowLongW
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
gdi32
CreateFontIndirectA
RemoveFontResourceW
GetObjectA
GetObjectW
CreateFontIndirectW
DeleteObject
AddFontResourceA
RemoveFontResourceA
AddFontResourceW
GetStockObject
comdlg32
GetOpenFileNameA
GetOpenFileNameW
advapi32
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExW
shell32
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileA
ole32
OleInitialize
OleUninitialize
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerFindFileW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
comctl32
ImageList_LoadImageW
ord17
ImageList_LoadImageA
Sections
.text Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ