wconnectx.exe

Winconnection X

Winco Tecnologia e Sistemas Ltda

It runs as a separate (within the context of its own process) windows Service named “Winconnection X”.
Publisher:
Winco Sistemas  (signed by Winco Tecnologia e Sistemas Ltda)

Product:
Winconnection X

Description:
Servidor Winconnection X

Version:
10.0

MD5:
9b1250cd353ceb6cfb555a7829d7becf

SHA-1:
c09eaab9023081dae782fab98c806c1a4e9b2250

SHA-256:
f0bb954ad2c9bc74c5d9617e917d7e97cd31421633d8fb7ddff8794d866317bf

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 5:05:36 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
probably BACKDOOR.Trojan
9.0.1.05190

File size:
1.9 MB (1,956,392 bytes)

Product version:
10.0

Copyright:
Copyright (C) 2016 - Winco Sistemas Ltda

Original file name:
wconnectx.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\winco\winconnectionx\wconnectx.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
4/3/2016 9:00:00 PM

Valid to:
4/10/2019 9:00:00 AM

Subject:
CN=Winco Tecnologia e Sistemas Ltda, O=Winco Tecnologia e Sistemas Ltda, L=Rio de Janeiro, S=Rio de Janeiro, C=BR, PostalCode=22631, STREET=Av Das Americas 1155, SERIALNUMBER=01662700000104, OID.1.3.6.1.4.1.311.60.2.1.3=BR, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
015E060D2B2A14664AB9E0C5244B795D

File PE Metadata
Compilation timestamp:
12/27/2016 6:23:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

Entry address:
0x12BADC

Entry point:
E8, 54, 2B, 01, 00, E9, 40, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 10, 75, 20, E8, 16, D9, FF, FF, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, E5, FA, FF, FF, 83, C4, 14, 83, C8, FF, E9, 80, 00, 00, 00, 8B, 4D, 0C, 3B, CB, 56, 8B, 75, 08, 74, 21, 3B, F3, 75, 1D, E8, E7, D8, FF, FF, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, B6, FA, FF, FF, 83, C4, 14, 83, C8, FF, EB, 53, B8, FF, FF, FF, 7F, 3B, C8, 89, 45, E4, 77, 03, 89, 4D, E4, 57, FF, 75, 18, 8D, 45, E0, FF, 75, 14, C7, 45, EC...
 
[+]

Code size:
1.4 MB (1,503,232 bytes)

Service
Display name:
Winconnection X

Service name:
WinconnectionX

Type:
Win32OwnProcess


Scan wconnectx.exe - Powered by Reason Core Security