home

winbox.exe

MD5:
f6d2baad1383965770fe4ad9a59b4a22

SHA-1:
3bf49292324f62dc237558077f3d15ab367141fb

SHA-256:
819d78bf88d4f802700a12138c91e4e0a6cac8ef620ac7684c450e76779552c3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 8:01:56 AM UTC  (today)

File size:
1.4 MB (1,514,496 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
2/25/2015 4:04:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
24576:rqnqZPNYIA6cJ3D2e0vPPlEnHxL8Du0z7zBHEv9LpTm2LGGpU9RgH5ND035qVCjB:ruI0J3D2e00aDDz7oFTm29U9RgH5ND01

Entry address:
0x1284

Entry point:
55, 89, E5, 83, EC, 18, C7, 04, 24, 02, 00, 00, 00, FF, 15, 50, 98, 54, 00, E8, 64, FD, FF, FF, 55, 89, E5, 83, EC, 08, A1, 8C, 98, 54, 00, C9, FF, E0, 66, 90, 55, 89, E5, 83, EC, 08, A1, 70, 98, 54, 00, C9, FF, E0, 90, 90, 66, 90, 66, 90, A1, 3C, 03, 50, 00, 85, C0, 74, 41, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 10, 50, 00, E8, ED, 66, 0A, 00, BA, 00, 00, 00, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44, 24, 04, 0E, 10, 50, 00, 89, 04, 24, E8, D9, 66, 0A, 00, 83, EC, 08, 89, C2, 85, D2, 74, 09, C7, 04, 24, 3C...
 
[+]

Entropy:
6.5889

Code size:
1019.5 KB (1,043,968 bytes)

The file winbox.exe has been seen being distributed by the following 5 URLs.

http://upgrade.mikrotik.com/routeros/winbox/.../winbox.exe

http://ixp.mikrotik.co.id/.../winbox-3.RC6.exe

http://www.mikrotik.co.id/getfile.php?nf=winbox-3.RC6.exe

http://download2.mikrotik.com/routeros/winbox/.../winbox.exe

http://mikrotik.co.id/getfile.php?nf=winbox-3.RC6.exe

Scan winbox.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.