Overview

overview

7

Static

static

3

five-night...ed.exe

windows11-21h2-x64

7

Analysis

  • max time kernel
    2s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29-02-2024 00:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    five-nights-at-candy-s-remastered.exe

  • Size

    246.3MB

  • MD5

    2c436e5f44a105180ae35e15cd78260d

  • SHA1

    554fc6308a38e6f4e2462a010c09f23d9456b8eb

  • SHA256

    bd48a2dbc3409ec9fcc98edc73affa67e825a746677024a7ce536bd65c22ac67

  • SHA512

    1c0c0f6fc5334d2f17480febc69ccdd31720a1ab07dafde847aa3bef5114f950fb472cc863f6109935c39ec1d78d6e6ed04fa26c8a32c94ced2ac6e0a2753527

  • SSDEEP

    6291456:IJSM+eL2gZDFxT5z8Ey9WUUQLXX0rz9Msqv+qBt/xrTe8UIf5R8u1Ga1sl75AThk:IEM+E2gDJzFy3UuXm9bqv+OJrTezQ1G7

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 15 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\five-nights-at-candy-s-remastered.exe
    "C:\Users\Admin\AppData\Local\Temp\five-nights-at-candy-s-remastered.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:3908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\INI++15.mfx
    Filesize

    436KB

    MD5

    a3d86b4c5c0ef67f8b60c7b16f7f64f7

    SHA1

    05ee8ad4fc266b59e96c5d82f9143d4675ce2af1

    SHA256

    daa58baef197f71cbe4c8a22cb667c1c7d6a1edaa76c0d9aa22c4cfa46a6a195

    SHA512

    8de55dc09fa45faf003d104d49187a7ae8a013dd5340636447a7be962540244fa5b2dd36e8a1c6666266f1f0888dbebd90fe6a26553396a8fe1aae3ed97a0ef4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\MultipleTouch.mfx
    Filesize

    44KB

    MD5

    d87d5f7fba77eb3138786f30ad5efb83

    SHA1

    2a23f25a62d0177bc365f72d72027fb1b662a4b6

    SHA256

    063edbdbfa60d46b1faf10efc01b2cd84d9bc5cb0f98784acc3d9bc342fa8d5d

    SHA512

    27f1ec893425f15b59f7c40ea0a1a1e398263f9c2677db3ff8bde0e5da48529e5d95ca518b5d324637bd7b0cb38e18c6d71e4e4efae40a31a401b10cf288dbe4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\kcmouse.mfx
    Filesize

    7KB

    MD5

    a3b924e8747962ba4d6f81bf31da0d2a

    SHA1

    2c4fcabbb62cb08c6931fefdffc9d3549fc65df0

    SHA256

    8d4440a3b4d2fddd45f90007e08a23c5ada0e1c715d0c59f4532305008e4366c

    SHA512

    11134d818446607c52edfed5b29c1a922fe90b594b15e36f3df9fda04b4fb8a713c3120e6f643d327a3f29b211a6b15a8d40389b69fb6302db3defcfe5328be8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\kcwctrl.mfx
    Filesize

    63KB

    MD5

    fa3aa3c51150eb5410dc3d74484d84bb

    SHA1

    3ffca600b9d8b2d580c99021c95e8c6400d9a824

    SHA256

    0666e52ea54bb2bdb81216443ea0787b8fcc6292b64d6bdf285eebf42e1bbae6

    SHA512

    81ec7ec2a5877d1b226dfb4ccc8c3946b61fb409d5c53c789e6f8c310a0dc0b3ce1681613cc110a5559540a0ab302e6c36a00d0df07acb41c5a7c35b37d4594a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\mmf2d3d9.dll
    Filesize

    1.5MB

    MD5

    c85bcc9f3049b57aa8ccbb290342ff14

    SHA1

    38f5b81a540f1c995ff8d949702440b70921acc5

    SHA256

    bddda991185a9e83b9855a109f2fcfa78cd2d5402e9db344c6ec77f6ce69a0c5

    SHA512

    5097f9d78ddc651aabf41f217f622ee656a1c6de6a9b339354525293102cf631cca2b7babaf991e99e49efe4d1bb6792c8a7a11f82e4ae2081c3961eb9b5afe7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\mmfs2.dll
    Filesize

    768KB

    MD5

    ccee6e5f13ba055f71b154116100e7d7

    SHA1

    e0ad7cccec47462db6f0e318b811b8834075b84b

    SHA256

    1ab30cab05dd367352255f21faf9de625330e3641edc94a740d419af421f8648

    SHA512

    a1f7e5264ee3fb40e613b2b6b695097970f078891cf4ad819f0d0fffc4a0ad726c39232494b62d665e69759e0cf38947972e5d046a42e9b10ef6d3509412a1d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\mp3flt.sft
    Filesize

    24KB

    MD5

    e24c255815f56a442291f1d32e1c0710

    SHA1

    7eb6c69881ac4a99bef647b6d5b6c8aeab6cbc1a

    SHA256

    8cb15826d4042d8af76e53d1505f7002f1cb75bd89eeda6664ecbec042affc9c

    SHA512

    7740b4b59986c78c0a6ba1717404ae0981ae896b1971c7ad43c8733d973381c77b8d7efba90779dfc53f49a66f9dd8d3d07e06e0a8a7e24958d180eb3b630bb0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\oggflt.sft
    Filesize

    130KB

    MD5

    0c8c1ee3ba92189f4ce21d1b396a2765

    SHA1

    b7daa4a6e16416151dccbb0a89f304961b6cb627

    SHA256

    9e589f86317d840df9bb74f6ee20c24ca65afe58f4009740382f63a0f5531941

    SHA512

    0a4339092ac55bac3b1bdfaaa3401020f8f49918bd2fdb14524f3d558eb840b876aedfdeb54a1da163fa36393abf3fe8ab7e112a34ea9d891e82a22e96c85ddc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\txtblt.mfx
    Filesize

    36KB

    MD5

    8740745e7af7926a0e7d3b194fb51fdf

    SHA1

    d7688925efd0287334d444a9e4bd584177ed0fbc

    SHA256

    09a214d9738946b14c4470ea95b45de41641e5d69b7559dbf336f7b4624859b0

    SHA512

    dc52c25b588f386cceb0eef912e0ac38ffb07443011c957ca3d0fda8c2c6d41e8fbcb33dfc1b7c5ff469216cd8c233d5025b88575bd10684827c18fb5ef52bb3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\ultimatefullscreen.mfx
    Filesize

    73KB

    MD5

    96059dbec69c3904e4d7ce734a4b38d0

    SHA1

    5169934f8d89b0dba963861dcbae55e78fc21dfc

    SHA256

    fd179783ff6e6eb0959185087f33ed4a1b256e58762d9817bcb16888e20f7058

    SHA512

    82977b2c249e47ca37d6fd62f416ed995b4b5f953bc5c18c84bfbdacc2c5b17fdc50c1e736fafcac242a3f8921b5000e0ec84302bc4e0077d6eeee3aa43cc520

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\mrt568C.tmp\waveFlt.sft
    Filesize

    8KB

    MD5

    57ea61dd14314ef155e80c6a0be8a664

    SHA1

    963b0ef2fe976ff77044a821fe1e29be4a8cf8a7

    SHA256

    92a5053cf5973a6aa228c738d55387f12f1dfa8a837d7b938c60f05b6b56b3ad

    SHA512

    cc23cb30d76d22500c3ed7ce9ee0388588309d0779441b95559fce25a42f1eff52ca285c347655f8b33c15b75f9d2067738a151f81f605d3b563799a3a06c9a9

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Five Nights at Candy's Remastered\game.save
    Filesize

    141B

    MD5

    9b3edc2f6392cdcc051ebdac3f67b32f

    SHA1

    c928540bbed642c64a8ec137401303fe49faa1a3

    SHA256

    af1e35e61060ffc0e73d3831b3206498f6b376ead6c87e01c59dd930a6fcb3c3

    SHA512

    76e6de4729af19a38dd3756b4c3a39028c1ae35af1978e00420cc405cd5993730cf39d0a05b19b880c6d8226f5e9372800c82557ddd4323feef8adb444c8ca9d

    Download Submit

  • memory/3908-42-0x00000000013F0000-0x0000000001414000-memory.dmp

    Filesize

    144KB

    Download