home

winbox.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 10.10.8.1 and multiple other hosts.
MD5:
67eb2274b644127c992e15f33b50938d

SHA-1:
21f0936cb99320438f2077216f687e3817e83dd5

SHA-256:
8a90b37316ab438648c9daad73fd38a8d9e3583cf27310478cb3dcd4e9fb40bd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:50:02 AM UTC  (today)

File size:
111.5 KB (114,176 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/1/2011 5:15:23 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
3072:kkMwuGcvhkLdNPFZJ16ckEdzUdsLlOXu:luGRztjkEos0

Entry address:
0x1220

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 01, 00, 00, 00, FF, 15, 64, B4, 41, 00, E8, C8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 64, B4, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, 88, B4, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 74, B4, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 83, EC, 08, E8, 45, 0C, 01, 00, C7, 04, 24, D0, 92, 41, 00, B8, 10, A0, 41, 00, 89, 44, 24, 04, E8, 60, FC, 00, 00...
 
[+]

Packer / compiler:
Dev-C++ 4.9.9.2

Code size:
73 KB (74,752 bytes)

The file winbox.exe has been seen being distributed by the following 9 URLs.

http://10.10.8.1/.../winbox.exe

http://10.93.108.82/.../winbox.exe

http://192.168.100.252/.../winbox.exe

http://192.168.99.1/.../winbox.exe

http://192.168.123.1/.../winbox.exe

http://192.168.1.83/.../winbox.exe

http://192.168.88.1/.../winbox.exe

http://spesial13.smkn-13bdg.sch.id/.../winbox.exe

http://10.1.1.1/.../winbox.exe

Scan winbox.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.