» fnaf_world.exe
Overview
Analysis
File Details
Downloads (172)

fnaf_world.exe

Cilap

Morava Group

The application fnaf_world.exe, “Cilap Setup ” by Morava Group has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.appsfilessafe.com and multiple other hosts.

File name:

fnaf_world.exe

Publisher:

Morava Group (signed and verified)

Product:

Cilap

Description:

Cilap Setup

MD5:

88723517baa6164b53d3a648f08ce8ff

SHA-1:

759658cc02dbc69b4735d2e69357e76fc2a94386

SHA-256:

44624c8827dbe9cc2ac73d1f339d2760dd658cc2f183f4544c67b3543054c20c

Scanner detections:

1 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

12/26/2024 2:43:01 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.MoravaGr.Installer (M)

16.5.13.20

File size:

925.9 KB (948,152 bytes)

Product version:

3.7.3

Fast Internet

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\fnaf_world.exe

Digital Signature

Signed by:

Morava Group

Authority:

GlobalSign nv-sa

Valid from:

3/7/2016 3:28:01 AM

Valid to:

3/8/2017 3:28:01 AM

Subject:

CN=Morava Group, O=Morava Group, L=Towson, C=US

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121A83F14C1C6D435814D1A4B9EC949DB5C

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:mH9a0YfN12k11Me/htysP9NLE/MJmPh6L:aRYfN124yghtJDLyMJmh6L

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9339

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file fnaf_world.exe has been seen being distributed by the following 50 URLs.

http://www.appsfilessafe.com/.../5b53BMQ4mfbCL1S8=&c=jEvv2X5UenBFM9yQnjIHCgx3D1mp6 hCm HS2CqIrNeZCpfJmHKPHXv79I vtYK4xa5HGpAtm4 BB6drRKindZFAXthbHqjsRb1nbZ5PO GFcr5rqnFMpt EfOj9AEuE jhgHftZ9CS5pXq9 Apc88M7g6h9C6bhiJHKEDAMT Q=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=W4aVunypWr7ul6dtb9rGsDBOJVI/9UV4AHXvW9ZUhOw=&c=cnis3cUh8QZG4wOKu0JsGl0oYwdZFMpx 2QGUYJqCXHLoFxzkuAqz7hixLnM96jsA947Qapc09HO5LaSs362VIosM8UssDCzT/.../sdgsYoc HpmPvQAK6nil3YgxyHk rd858jhRCYoR4XAZOF6OSSJsGnTcaeZgvNw8=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=qOZmELccr6k2EbAcq OzffhuCHWo6TUWt9hQloQHjfE=&c=5y JIrlolgEp Bpzbhns f8/.../vNxXpwCPC3i05ut0KAHGo2UQUYk6N2gQQjdG9uDVgfakkq8hTcf7QpqYM9SasV0lKQ6WtMxw VMsW1HPsLuwQpkIlhlQLM2dMbdC3400Mb61M4SWFE5XuQzWzuU5dU&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=G EkyNxYWLktpoFfhUIIBjiTDIAlHbM/.../xwzVT4qyA811PDn2IWwIiLtk8jt5juZchpXbpu6 trJ7uLecIOU6FBX&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=I9z1XvPvTyUaP86QGeK2uljPzGDbtTG/.../T2XrLWIVTZsZ1Eh8BSR3OWzCAGArran5lL0xKI=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=TEWQruEIQsx9YOwXI4EgbrH6YmWsMSDHn5HSecvAW c=&c=1GfokF1zbLLSfRb/1rqBlEEqZ060IM0cJzrPuZe03KQmbtNM72Knzqljx1v/T5bc7WGfWNgsXxcoaprnNrnoq6aE3m1Z9G30JqmqH9cA7GeZg6c30nwpGRWdqWuSlRAB12soxwK0li60BxtR4ZRRMYDHsjHs/.../g9oetOI=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=d8itOvL9TF8k6uy4OI8x/.../Pwf9ZWIV4zBQcrvBFD7soM8w dCpSD5UBl9KZvNq8Ydn9f0YfQIhjvCbA5nEb fjue5aZQPTi8oAzTPhqyQYHvGQZXQDb54sBsVaHysLxRlhHA9bk10dCa3SpYdVY=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=BHxIs29/qdHnRBEsWnySqp46Mn7sPRBB1nb9 Jj0z2g=&c=C6yt07F/bEy6JkkvmvGXy9sCbkyattAl3g mWA2GduQYeU4nHEoqEk3jm1tDdf2QgLMIV/.../pIHU2ACVwVVUVSMw7 3wZr448QHab1b Wwb7dWCLv 9IVmaq79ulqgnNDS94RUrNYpW9bxSl942aenjuvjg=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=0e4H/BKDHgplXt 1PQgEvvRbsA9k8ssFIcD5XzVmt3A=&c=8zJBu6gT9ZOIxrs ulNlB5e7NAIv gpJY1PddAgiBA 7dNPHsJZzr2mESu2tfVvn8M0Pce/DrFeEQ0GlVbMA7QjMCAIFtauF2tX1VUWRJ30Qg35Wo/.../Wadz9TH5caiNHrlz&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=xI3GG7LtOJzJ6rJNsR0TbXlY2McmPInWB30nP6U2OMU=&c=cboylampuKKmJTY3oZJl4og5LVP9rqYyGFDK95y8ZpYjUijILBbtrE/21KDGzmxpmxccIplxRt0p6pcs85WTIbnR8fJSix j976JFRZq8NWnHnYNYeXDKn8VIOhcDRFOKyCZqcTrKDKzMvIlOlZKOOI3lduIg/.../Vah0=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../yXqZsQu4hBIwxPLqGRqFmhtsXYx dE14FJi2LZZkeQ7LGqt0HyBtYCg5Q&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=dkzRhhNMRN3ERKqqjvTf6EfFb5Iipcg xWxxEPEpecE=&c=yk0PWq5e2GKOWtA/.../Bk7X7f303sNJd71qy3DBiNrnXx28B0oFiNyR oFXcwBKe1Z4Rl4Xx4p6au5ARIMKDGG5BLgzR4l0098XsCcnOWkphrUATGHeJ5 QvL3EjR&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=zJ19Fs ND/1/oHGObD4Drdw1w1KDU2WiPyfzmlF PKk=&c=s/K7mEnePfLcBwBV/HajEcq e g//9s6ZU/dvxWF4jbGxixJugkHTcBx0Bv7H MlZ0BzHFjcTt4bz6wUUW91mA59tA6xXrC0nANYZcpnpMrq6d3hHttDmEDOvVBy55IrF/.../StTrb9iNbOvShrY2RM=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=priCKmj1efO6QwHquMcFAGANBXH0sOM Zp6LUmfZkbQ=&c=9zdPRenSLiMP4U2at93Ly4Y9LY 5tiicTP/.../ 0izEl9rtES3JGFFAQujsVuoNXu5E2QUlxlLp tc6hwTTFpl1QYOVOA3XOEYYtfhPSSs=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=f5CkkdoM8ZXtkmrIKuVC/7sAsqs0en1kaDPr2gzTfqg=&c=m4pGPdqaZYgF/dal j6pOqZ dZ3vecsHmVoFFhL2wo5rLSSwmq/.../6JVv94FzOCQFw1RYFmULn0Bfl1s4ZgWasLKzZndKm94dRjV5gnfNteAEWFBF692ewiMYLZwGb2Eu0FEV66f5XGB1PQCfZFJ7oI1wQlL0mQ=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=UuAMjXcMWCFn oV CoOyHxUXN3J3JYgdwjlavOHvIE0=&c=Su82b/rK/.../c6K4afNo9xOawhwy1CTLkF9ummJKg=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=0iFe7kQ/.../wkP5iWLRT5qJ6sd6gH1o3dYMVI00rzVYRisVrXewP csA=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=kL4x8zH9oD6GVs/YbCkcOrA/Xd6X Hm9dvfTa5Iph Q=&c=JwZHNC4iaY9Xtq58WtuEZVjilt5fPMPCUdGsq23pUSmFKkf08LUKZhaarbUd6HDKebQXMNVCXkanhbjv/.../iyjYYRfKl92vj5i2fzb73d09fE1jAeYUBtMkXoWCo2ZXvdoEOAsWU=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../W2LR1pdEMApOfmhLut5IcTjNFiKOxe9UmtiLCXv4=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=wBQ5xmYYEhqVR3w/g0S1FcxwKC1wcG0TrG8oR5K0ctA=&c=QK cxH2TCwrwQczP0wfTZrc8UpH9zmCWtqnAGWheLKvoLK2WGZ8VfWaKC1M2MCwYwhOmA8ONIdXvwDvGYb/.../ozOe63P3rnrdMxoLHffkg6W lMXDV GhY&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=GlgOcMOnNqEQHqJNIEGPGFdbFV27NwckSfSbWZCOTNI=&c=lSkVDXCerL2ULtjZNnFtL3wBARgyDWVuCbHqnnO1 AOeFl7IodSoggTMo5JNcHDLAhZBs2JYYyXXNIE/hlh/.../hMPx0QIJnSK5tL&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=ayA4ykROtMTfC9nF8Gteo8FBc2NmtNfUp9ACUQM0L/0=&c=FbOc1NVszMEkPc eLw/.../ xJbMvDLWej4MgZgqqxRqqewD0QOCmQPGgxy88R9qBOpSVKRNNd8ZYWfP0OEPXI0RNSX p3LKAf7hsPQdkmv1qZj00qbubFMqj4bjNli4Yt1XFGkY 1ORQd5Q=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=jBkz5SfpXJCWXg 7AveV7RIIUzGkjSaezEAw/C0msBw=&c=77FtieLJh4hlyKfsNORtGapZlu1che1IksgMPMTdBjLtKrguHfkFNjFtX Ll/1Txy4AWyb5MyEQSVdBcVDbpjhdXmph9Jyi3MlfaOQG79DTV/yTKOXhpLPfZrCP9qHOFd/.../3DhJ9aMKzojyvAwY=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=tEUHbHOime6fa4PMy3zfKBsCCH64f6KN2y4n Z6P1p4=&c=ylLix2bCBZ54uDxVhX4OLwcAM4IfxGCBI6/rHBQ3YekGMnHTxNxZrpy7xAhD/.../ n8fsU fxsA8NoOqscDYuikWwAbtKZfwiWriIGCZjijt0DODqAnwmF3pJdRIMSXQ=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=I1tc9P udDB/R2aOvKugyj q8Gk20ToPWOn1geBhnGw=&c=OMirIMYbThJzFk 7r161KimCdTck99y32j6LxSliOIfP5LQQ4Rx/lnw1lzYwDmm0OlzR/X27efvtICHeCCJY lQILz8/.../yMQAlz3BD5t RNQ 58y5 mlHQSYRYNNDdk2UxveHPlsvoJhCHDrvgHnmgPQw=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../TfS7d7VA8hfBxgOBpT5C3hkYle1IGbhlUPsGHtqKgXh 1UDdJmI47FsWB0R XcBHeiCW4n3t Aa6BEakkAEJNtC3jEgN6T5jiwkxm4vewUkdQShBQP4SROM4rN43nvzJdrPuLp9K3M=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=hcH4ZMS6rlhU9euLyIEpLxjlBi 1B1d5GupxfyNKgJg=&c=olDrO71Ltx2EqI4GtvdKTDuRWvxGXlp18fiaQo3ZFe bZi 5TMGyVlRRuo2NCY1xYFKuP5NY9oWcTc 9ARjbUfkwqZNWw73XQd5pK3 tjx6OhYmRRaysnNV4gBEeWy4WDejNiHonlAqktclDQZe/74a5 0/.../b8&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=S/rRJOheLGWJ29M/y8 Yzyj6CmY/.../jiiX7S38j8GTdVeB I9SmRaD6 REaKnhFWeW4PayOVmbGhuTPfuuviS8xgl2akeYLknwJ0ZO&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../wg=&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=1qBAYu2ATV669RshZw9uyFGO0OIUHOQkWXc0YPVgeLA=&c=XXsobZDVov4r8X986Oh2kMjnYg pBLTbevSKfL9yjksgcxM3IDpTDrYIShS4NKO3JTjve7/ZKZrWLBRxpSeNAFl8fnwliU0vNCzkmoV1tMEC SZMYlK4kgLSnPUP/9aB9rim0JbX0AI k6X7CXUb0/.../czQViAe4Wqn8wJhGrpVAx6xkr&e=0&downloadAs=FNaF_World.exe&fallback_url=Fallback URL

Latest 30 of 172 download URLs

Remove fnaf_world.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.