home

WinRAR.exe

WinRAR

Alexander Roshal

WinRAR provides the full RAR and ZIP file support, can decompress CAB, GZIP, ACE and other archive formats. The file has been seen being downloaded from dc311.4shared.com.
Publisher:
Alexander Roshal

Product:
WinRAR

Description:
WinRAR archiver

Version:
4.20.0

MD5:
47998df241bfbe2f92d4487643394ff2

SHA-1:
75f0a57ba1f11e6b33a54e05a28532016b452b2f

SHA-256:
ddbd345eb2832c45eb5aac4342c5659f67489e459de346ee4cd9c5aa3b8bb541

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 8:28:10 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
2014.9-140426

File size:
8.4 MB (8,847,360 bytes)

Product version:
4.20.0

Copyright:
Copyright © Alexander Roshal 1993-2012

Original file name:
WinRAR.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/9/2012 2:19:15 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:mGnVuPOjtkPKRmV2qX7Tpk6KeJjaOnFBQaMMMMMMM:zncOjt2KkVzXqej//j

Entry address:
0x14A6

Entry point:
9C, 60, 68, 53, 74, 41, 6C, 68, 54, 68, 49, 6E, E8, 00, 00, 00, 00, 58, BB, B7, 14, 00, 00, 2B, C3, 50, 68, 00, 00, BF, 79, 68, 00, 34, 00, 00, 68, 20, 01, 00, 00, E8, 33, FC, FF, FF, E9, AB, FC, FF, FF, 55, 8B, EC, 83, EC, 10, 53, 56, 57, 8B, 7D, 08, 8B, 47, 3C, 8D, 5C, 38, 78, 8B, 03, 85, C0, 0F, 84, 92, 00, 00, 00, 83, 7B, 04, 28, 0F, 82, 88, 00, 00, 00, 8D, 34, 38, 8B, 4E, 18, 85, C9, 74, 7E, 8B, 56, 20, 3B, D0, 72, 77, 8D, 14, 8A, 8B, 4B, 04, 03, C8, 3B, CA, 72, 6B, 8B, 46, 20, 83, 65, 08, 00, 03, C7...
 
[+]

Entropy:
4.4630

Code size:
12 KB (12,288 bytes)

The file WinRAR.exe has been seen being distributed by the following URL.

http://dc311.4shared.com/download/.../WinRAR_420_Portable.exe

Scan WinRAR.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.