winrar-x64-400.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from cdn.discordapp.com and multiple other hosts.
MD5:
18198f0d8d195bfe22edbdc78ae3c227

SHA-1:
efa8f7aa0484a73d0a0a3195a9a7f231adb4c993

SHA-256:
1703c2c8754c9c1857e3ac1ab399badc1085e7a288007e58348e0e74b677b42e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:36:01 AM UTC  (today)

File size:
1.5 MB (1,573,972 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
Compilation timestamp:
3/2/2011 2:40:46 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:2NQhmG6PbGCwhM3Co6nwYEBtg2jJ+uIPA798fIl3B8Rgho6/ApaKbb:2NGmlebnwXLg2l+FP2y6B8x6/Apaob

Entry address:
0xBD58

Entry point:
48, 83, EC, 28, E8, 9B, FE, FF, FF, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, 83, C4, 28, E9, F8, 38, 00, 00, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, F9, 48, 89, 11, 48, 8B, CA, 48, 8B, DA, E8, 45, 99, FF, FF, 48, 89, 47, 08, 8B, 83, 24, 0C, 00, 00, 48, 8B, 5C, 24, 30, 89, 47, 10, 48, 8B, C7, 48, 83, C4, 20, 5F, C3, CC, CC, 48, 83, EC, 28, 4C, 8B, 09, 41, 8B, 81, 24, 0C, 00, 00, 39, 41, 10, 75, 0F, 48, 8B, 51, 08, 45, 33, C0, 49, 8B, C9, E8, A6, 9F, FF, FF, 48, 83, C4, 28, C3, CC, 48, 83, EC, 68...
 
[+]

Entropy:
7.9704  (probably packed)

Code size:
78.5 KB (80,384 bytes)

The file winrar-x64-400.exe has been discovered within the following programs.

WinRAR 4.00 (32-bit)  by win.rar GmbH
Version 4.00 speeds up decompression by up to 30%. Windows 98, Windows Me, and Windows NT are no longer supported; the minimum Windows version required is Windows 2000. WinRAR is a shareware file archiver and data compression utility that is able to create RAR archives natively.
www.rarlab.com
1% remove it
WinRAR 5.21 (64-bit)  by win.rar GmbH
5% remove it
 
Powered by Should I Remove It?

The file winrar-x64-400.exe has been seen being distributed by the following 41 URLs.

https://cdn.discordapp.com/attachments/234348739219816449/.../winrar-64Bit-400.exe

http://www.filehorse.com/download/file/.../

https://www.dropbox.com/s/.../winrar-64Bit-400.exe

https://dl-web.dropbox.com/get/suporte/.../winrar-64Bit-400.exe

http://store.jt.iq:8080/index.php?do=download&id=119761

https://docs.google.com/uc?authuser=0&id=0B9UNyeFACVxubFo0NFVMamlfdlk&export=download

http://www.softwareupdater.com/download/.../winrar-x64-400.exe

http://172.27.27.244/2TB1/software//index.php?dir=WinRAR/.../&file=winrar-64Bit-400.exe

http://store.jazeeratelecom.net:8080/index.php?do=download&id=119761

ftp://10.254.254.251/.../winrar-64Bit-400.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

temp:winrar-64Bit-400.exe

http://filehippo.com/download/file/.../

https://www.dropbox.com/sh/dqx0qx038hxmgw2/.../winrar-x64-400.exe

http://dl2.masterdl.com/.../winrar400-x64_wWw.MasterDL.Com.exe

http://172.27.27.83/s1d1/software//WinRAR/.../winrar-64Bit-400.exe

http://192.168.1.6/apps/.../winrar-64Bit-400.exe

http://220.220.220.1:7860/Shared_Data_1/Softwares/WinRar/.../winrar-64Bit-400.exe

ftp://10.186.0.2/04.SOFTS/UNG DUNG/WinRAR.v4.00.(x86,x64).Final/WinRAR.v4.00.(x86,x64).Final/.../WinRAR.v4.00.x64.exe

Latest 30 of 41 download URLs

Scan winrar-x64-400.exe - Powered by Reason Core Security