winrar patch.exe

MD5:
144eb7f145494bdf7ec54357e31bcf89

SHA-1:
c30f733ab08d1cde274dd0ca846764dfb5096e3e

SHA-256:
75143456d5fe5294ad39ff55111427896b16dd0f3381c80bb03fa9b14af505f2

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 12:02:25 PM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AegisLab AV Signature | Virus.W32.Almanahe!c | 2.1.4+ |
| Clam AntiVirus | Win.Trojan.Agent-586674 | 0.98/21511 |
| IKARUS anti.virus | possible-Threat.Crack.WinRar | t3scan.2.0.4.0 |
| K7 AntiVirus | Riskware | 13.213.18560 |
| Qihoo 360 Security | HEUR/QVM19.1.Malware.Gen | 1.0.0.1077 |
| Sophos | Mal/EncPk-ACO | 4.98 |

File size:
1.2 MB (1,258,496 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\winrar patch.exe

File PE Metadata
Compilation timestamp:
6/28/2006 1:05:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
3072:+zuBJ1nfNTxYCoV0mnBMIxSDADeak7dJHB/AKG:+zi1n1TxYCoWQiuSsQLH5AK

Entry address:
0x101F

Entry point:
68, 78, 20, 40, 00, E8, 0D, 22, 00, 00, 6A, 00, E8, E8, 21, 00, 00, A3, 38, 7C, 40, 00, E8, D2, 21, 00, 00, E8, 27, 22, 00, 00, A3, 3C, 7C, 40, 00, 6A, 0A, FF, 35, 3C, 7C, 40, 00, 6A, 00, FF, 35, 38, 7C, 40, 00, E8, 0B, 00, 00, 00, E8, B5, FF, FF, FF, 50, E8, 9C, 21, 00, 00, 55, 8B, EC, 83, C4, B4, C7, 45, D0, 30, 00, 00, 00, C7, 45, D4, 03, 00, 00, 00, C7, 45, D8, 2D, 12, 40, 00, C7, 45, DC, 00, 00, 00, 00, C7, 45, E0, 1E, 00, 00, 00, FF, 75, 08, 8F, 45, E4, C7, 45, F0, 10, 00, 00, 00, C7, 45, F8, 10, 61...
 

Entropy:
1.3386

Code size:
18 KB (18,432 bytes)

The file winrar patch.exe has been seen being distributed by the following URL.
