WinRAR.exe

WinRAR

Alexander Roshal

WinRAR provides the full RAR and ZIP file support, can decompress CAB, GZIP, ACE and other archive formats. The file has been seen being downloaded from box64.yxdown.com.
Publisher:
Alexander Roshal

Product:
WinRAR

Description:
WinRAR 压缩文件管理器

Version:
5.0.5

MD5:
4e6c73844557cc37747d1c0d2e8eeb20

SHA-1:
d15adda2d00ac174e83c0f1d351b44a1fac539c4

SHA-256:
c2ab3c9b59f2168fd41e39d4f8d6e0731740d7fd7cf9a91a2340e684ea0610db

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 2:24:06 AM UTC  (today)

File size:
1.1 MB (1,201,152 bytes)

Product version:
5.0.5

Copyright:
版权所有 © Alexander Roshal 1993-2013

Original file name:
WinRAR.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\winrar\winrar.exe

File PE Metadata
Compilation timestamp:
6/3/2013 3:37:43 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:gznORZNguQDQuPUcJTHuhG+jIZOzeFXCpgz4ntnMMMMMMPPFt:3gXTH0jvqFSpgc1MMMMMMH7

Entry address:
0xC5D39

Entry point:
E8, AD, 8C, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, 99, 58, 00, 89, 0D, 74, 99, 58, 00, 89, 15, 70, 99, 58, 00, 89, 1D, 6C, 99, 58, 00, 89, 35, 68, 99, 58, 00, 89, 3D, 64, 99, 58, 00, 66, 8C, 15, 90, 99, 58, 00, 66, 8C, 0D, 84, 99, 58, 00, 66, 8C, 1D, 60, 99, 58, 00, 66, 8C, 05, 5C, 99, 58, 00, 66, 8C, 25, 58, 99, 58, 00, 66, 8C, 2D, 54, 99, 58, 00, 9C, 8F, 05, 88, 99, 58, 00, 8B, 45, 00, A3, 7C, 99, 58, 00, 8B, 45, 04, A3, 80, 99, 58, 00, 8D, 45, 08, A3, 8C, 99, 58...
 
[+]

Entropy:
6.5109

Code size:
854 KB (874,496 bytes)

Shell Open Command
Open type:
WinRAR

Command:
"C:\Program Files\winrar\winrar.exe" "%1"


The file WinRAR.exe has been seen being distributed by the following URL.

Scan WinRAR.exe - Powered by Reason Core Security