archive.rar.exe

GRAND MEDIA LLC

The executable archive.rar.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
GRAND MEDIA LLC  (signed and verified)

Version:
4.0.0.0

MD5:
2d3682641dfc9297fafbb3f44e80907d

SHA-1:
5b46cf9efc9040c68d428465180356173a6684be

SHA-256:
0ea2e69a0376d99cd448788f1238c1332f6a0ced656dbb2455841c71888a5044

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/27/2024 9:41:15 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.3.10.18

File size:
2.7 MB (2,829,008 bytes)

Product version:
4.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\archive.rar.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/12/2015 3:00:00 AM

Valid to:
3/12/2016 2:59:59 AM

Subject:
CN=GRAND MEDIA LLC, O=GRAND MEDIA LLC, STREET="office 4, 74, Velyka Arnautska street", L=Odesa, S=Odeska, PostalCode=65045, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
6DB4D6451840481B470CABBD55471AA0

File PE Metadata
Compilation timestamp:
2/11/2016 1:22:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1000

Entry point:
B8, 8C, 95, B6, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 3E, 1E, 50, EA, BA, C3, 99, 9A, A0, 7D, A6, AD, 19, 4A, 94, 06, 29, EB, 6A, 5D, 73, 70, 09, B3, 6A, 4C, 2C, C2, 70, 64, D4, FE, 17, 95, F7, 3D, 0C, A3, 0E, BD, 64, 78, AD, C5, 1B, F8, 67, 27, D9, A2, FE, 67, EB, EF, 81, AC, F4, 7A, A0, 12, F3, 79, 9B, 68, 79, 0A, 4E, 7A, 89, 18, 31, BF, 6B, 20, 4E, 98, D9, BC, 7A, C8, 38, 27, 4B, 03, BB, 93, 01, 47, D3, DC, 24, 9A, 39...
 

Packer / compiler:
PECompact v2

Code size:
5.3 MB (5,543,936 bytes)
