winrar-x64-530es.exe

win.rar GmbH

This is a setup program which is used to install the application. This file is installed with the program WinRAR 5.30 (64-bit). The file has been seen being downloaded from d.winrar.es and multiple other hosts.
Publisher:
win.rar GmbH  (signed and verified)

MD5:
ca8763adce3db55ec1e99349ebed94a7

SHA-1:
fd8114affa38ef577f3dc5686d5e143bcb728efa

SHA-256:
91c89158d90d009682bbc290fd7b37047d6c6b71f61051b80c00f8e2471dd8d7

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 3:45:10 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Detection.Undefined
7.0.302.0

File size:
2 MB (2,063,320 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\winrar-x64-530es.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/31/2015 9:00:00 PM

Valid to:
5/31/2017 8:59:59 PM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Marienstrasse 12, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FE46A10AD94269C3DD225C13645352E4

File PE Metadata
Compilation timestamp:
11/18/2015 6:15:34 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:HqIzgpc43t8vqiy7L3SswHJk3Er1dIzhLdCQMK:HqIzgpc43ZiaisUkUr1dIVLdCQMK

Entry address:
0x2218C

Entry point:
48, 83, EC, 28, E8, 2F, 65, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 20, 49, 8B, E8, 48, 8B, F2, 48, 8B, D9, 48, 85, C9, 75, 05, E8, 81, 1A, 00, 00, 48, 63, 43, 18, 8B, 7B, 14, 48, 03, 46, 08, 75, 05, E8, 6F, 1A, 00, 00, 33, C9, 85, FF, 74, 33, 4C, 8B, 4E, 08, 4C, 63, 43, 18, 4B, 8D, 14, 01, 48, 63, 02, 49, 03, C1, 48, 3B, E8, 7C, 0A, FF, C1, 48, 83, C2, 08, 3B, CF, 72, EB, 85, C9, 74, 0E, 8D, 41, FF, 49, 8D, 14, C0, 42...
 
[+]

Code size:
186.5 KB (190,976 bytes)

The file winrar-x64-530es.exe has been discovered within the following program.

WinRAR 5.30 (64-bit)  by win.rar GmbH
10% remove it
 
Powered by Should I Remove It?

The file winrar-x64-530es.exe has been seen being distributed by the following 50 URLs.

http://d.winrar.es/d/103z1455575990/.../winrar-x64-530es.exe

http://winrar.es/.../103?PHPSESSID=df4d2f44c9e55792728d5e7495ad83ad

https://www.winrar.es/.../103?PHPSESSID=0daf94fb20afef1f702b4fa4921e2f1d

https://www.winrar.es/.../103?PHPSESSID=bc4259be3e45dadf4b5b48180181f0c0

http://d.winrar.es/d/103z1453280436/.../winrar-x64-530es.exe

https://www.winrar.es/.../103?PHPSESSID=79da82f537907afd35be5ae63bae1ebf

http://d.winrar.es/d/103z1452190986/.../winrar-x64-530es.exe

http://d.winrar.es/d/103z1452129252/.../winrar-x64-530es.exe

https://www.winrar.es/.../103?PHPSESSID=8a5e275d1fb25a90173cf3ea353ed42e

http://d.winrar.es/d/103z1453379962/.../winrar-x64-530es.exe

http://winrar.es/.../103?PHPSESSID=800b6d305c87e4ef9a8114901a526d08

https://www.winrar.es/.../103?PHPSESSID=bd1f251d8caca250ee5600e894c89c4c

http://d.winrar.es/d/103z1454799540/.../winrar-x64-530es.exe

https://www.winrar.es/.../103?PHPSESSID=0f326a16bdcc39d752552e0c00543204

http://winrar.es/.../103?PHPSESSID=c2b7a4926c42269632f46d41bf746a92

https://www.winrar.es/.../103?PHPSESSID=832abaef0abc434de72ca413e6a47989

http://d.winrar.es/d/103z1454992331/.../winrar-x64-530es.exe

https://www.winrar.es/.../103?PHPSESSID=bb648c33896bcdb674739f21cd5e1d04

http://winrar.es/.../103?PHPSESSID=e7ff03c0768f65c025e698d32f3bde20

http://www.winrar.es/.../103?PHPSESSID=ebebbf1f99d42256160f2be6e9b950c5

https://www.winrar.es/.../103?PHPSESSID=d2a800a1b17af820a05fc491407b2a79

https://www.winrar.es/.../103?PHPSESSID=5e7bd12f36e75023ee1f1ef2de65a75a

https://www.winrar.es/.../103?PHPSESSID=1deff73b90fcc515165462475dddc5f7

http://d.winrar.es/d/103z1452154761/.../winrar-x64-530es.exe

https://www.winrar.es/.../103?PHPSESSID=578f5418726dc0fe819a1052f4a4c9dd

http://winrar.es/.../103?PHPSESSID=e45322b98c0044f5b8de349d42b0b478

https://www.winrar.es/.../103?PHPSESSID=1a08b33e939845f7726b540094743870

http://d.winrar.es/d/103z1452138638/.../winrar-x64-530es.exe

https://www.winrar.es/.../103?PHPSESSID=c3c9c4c976dcc43d0bfda593fc551bce

https://www.winrar.es/.../103?PHPSESSID=0b9de9227d8ea2b014b537ca416419aa

Latest 30 of 1,034 download URLs