home

winmekmak_017.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from x.vindicosuite.com.
Version:
0.17.0.0

MD5:
dbedaa31dc2c51fe3f3171261d807393

SHA-1:
7b05197033cab64d5fb19eaf8959bcfcaa4a0f68

SHA-256:
02b9ffedae8101511a86f735a60418fe855a3840410935e36cf7d7697629d0e0

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/16/2025 2:42:16 PM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
7.16.14.00

File size:
640.5 KB (655,872 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Swedish (Sweden)

Common path:
C:\users\{user}\downloads\winmekmak_017.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:WcFPVX79NSMvOUs3yJGjDQp+nsJdgYj4M7cqE0zKJ1kMHF7FaX7sW1dE66eKyC2:xFtX7WMv234ki4w6M00zKDbrazX9C

Entry address:
0x1000

Entry point:
68, 01, C0, 5F, 00, E8, 01, 00, 00, 00, C3, C3, 46, 27, FF, 7A, 3D, EB, 56, 85, 55, 2B, D7, FA, 1B, DE, 9C, 61, D7, E1, CE, 3A, F6, 3E, 77, 06, 38, 53, 40, F0, FA, 72, E8, 30, 40, 35, 94, 39, 65, F7, F0, 8D, 7C, 77, 3E, AF, 45, 74, 8A, C2, E4, 91, 9A, 27, AE, 73, 54, B6, 06, 51, C4, 37, A6, DA, 56, A0, 46, 9C, 60, 58, A5, CE, 35, BE, 9A, F4, 5B, A6, D3, C1, F9, 7A, 61, B5, CE, F9, AE, FC, AE, F0, 61, A0, D0, 4E, 91, 3C, 35, F7, 44, 4F, 50, EF, 91, B9, 27, 5F, C6, 15, 97, 48, 56, 53, 46, 3C, 9E, ED, 59, 91...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
540 KB (552,960 bytes)

The file winmekmak_017.exe has been seen being distributed by the following URL.

http://x.vindicosuite.com/click/fbfpc=1;v=5;m=3;l=401071;c=776283;b=3368032;dct=http://ipb.nu/.../WinMekMak_017.exe

Scan winmekmak_017.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.