home

winrar.exe

Paycom Media, S.L.

The executable winrar.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Paycom Media, S.L.  (signed and verified)

MD5:
4a1c0bbc3d18abbc61aeacec97ef04fc

SHA-1:
308d7ce75c993d45f90fa025bda6bbbdd7f3e3f4

SHA-256:
2ea8becb256c94c1260a6ade023969af445f349d67612d75b228011c0700d8b0

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
9/21/2024 2:23:34 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.7.0

File size:
1 MB (1,063,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\winrar.exe

Digital Signature
Signed by:
Paycom Media, S.L.

Authority:
VeriSign, Inc.

Valid from:
3/19/2012 1:00:00 AM

Valid to:
3/20/2013 12:59:59 AM

Subject:
CN="Paycom Media, S.L.", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Paycom Media, S.L.", L=Madrid, S=Madrid, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2FADC58FEA37F310A0F6E40CECBD0B6A

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xCD280

Entry point:
55, 8B, EC, 83, C4, F0, B8, 48, 82, 40, 00, E8, EF, DF, FF, FF, FF, 25, CC, E1, 46, 00, 8B, C0, FF, 25, C8, E1, 46, 00, 8B, C0, FF, 25, C4, E1, 46, 00, 8B, C0, FF, 25, C0, E1, 46, 00, 8B, C0, FF, 25, BC, E1, 46, 00, 8B, C0, FF, 25, B8, E1, 46, 00, 8B, C0, FF, 25, B4, E1, 46, 00, 8B, C0, FF, 25, F4, E1, 46, 00, 8B, C0, FF, 25, B0, E1, 46, 00, 8B, C0, FF, 25, F0, E1, 46, 00, 8B, C0, FF, 25, AC, E1, 46, 00, 8B, C0, FF, 25, A8, E1, 46, 00, 8B, C0, FF, 25, A4, E1, 46, 00, 8B, C0, FF, 25, A0, E1, 46, 00, 8B, C0...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
837.5 KB (857,600 bytes)

Remove winrar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.