WinRAR.exe

WinRAR

win.rar GmbH

WinRAR provides full RAR and ZIP file support and can decompress CAB, GZIP, ACE and other archive formats. This file is installed with multiple programs, including WinRAR 5.20 (64-bit) and WinRAR 5.21 (64-bit). It has been seen being downloaded from dc104.2shared.com.
Publisher:
Alexander Roshal  (signed by win.rar GmbH)

Product:
WinRAR

Description:
WinRAR archiver

Version:
5.31.0

MD5:
bd461fffa0d19e15d6223fe0c2ff7a51

SHA-1:
c5cef334bacd0fa5d01cbf6c4c21350f42f975c6

SHA-256:
492404a16bb299b23bbe0cb08ed6a7d71bd370dc51393f6845d00726bf4fbc2e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:28:42 PM UTC

File size:
1.5 MB (1,540,096 bytes)

Product version:
5.31.0

Copyright:
Copyright © Alexander Roshal 1993-2016

Original file name:
WinRAR.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winrar\winrar.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/1/2015 8:00:00 AM

Valid to:
6/1/2017 7:59:59 AM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Marienstrasse 12, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FE46A10AD94269C3DD225C13645352E4

File PE Metadata
Compilation timestamp:
2/4/2016 3:37:48 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:ZR/8QIA5n/c5pkVj3nU1H2WpeON6lMrtYDmDgFLfe7MMMMMMsX:v/qa42Vj3nUAWcONgipMMMMMMs

Entry address:
0xF01A0

Entry point:
48, 83, EC, 28, E8, F3, 93, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 20, 48, 8D, 59, 1C, 48, 8B, E9, BE, 01, 01, 00, 00, 48, 8B, CB, 4C, 8B, C6, 33, D2, E8, BF, AB, FF, FF, 45, 33, DB, 48, 8D, 7D, 10, 41, 8D, 4B, 06, 41, 0F, B7, C3, 44, 89, 5D, 04, 44, 89, 5D, 08, 44, 89, 5D, 0C, 66, F3, AB, 48, 8D, 3D, 2A, 24, 04, 00, 48, 2B, FD, 8A, 04, 1F, 88, 03, 48, FF, C3, 48, 83, EE, 01, 75, F2, 48, 8D, 8D, 1D, 01, 00, 00, BA, 00...
 

Entropy:
6.3118

Code size:
1 MB (1,075,200 bytes)

Shell Open Command
Open type:
WinRAR

Command:
"C:\Program Files\winrar\winrar.exe" "%1"


The file WinRAR.exe has been discovered within the following programs.

WinRAR 5.20 (64-bit)  by win.rar GmbH
9% remove it
WinRAR 5.21 (64-bit)  by win.rar GmbH
www.rarlab.com
5% remove it
WinRAR 5.30 (64-bit)  by win.rar GmbH
10% remove it
WinRAR 5.30 beta 4 (64-bit)  by win.rar GmbH
11% remove it
WinRAR 5.31 (64-bit)  by win.rar GmbH
6% remove it
 
Powered by Should I Remove It?

The file WinRAR.exe has been seen being distributed by the following URL.