home

WinRAR.exe

Alexander Roshal

WinRAR provides the full RAR and ZIP file support, can decompress CAB, GZIP, ACE and other archive formats. The file has been seen being downloaded from www.cch-oriente.unam.mx.
Publisher:
Alexander Roshal

Description:
WinRAR archiver

Version:
3.42

MD5:
35993c9f4d91caf45af00c73c9179b95

SHA-1:
d8e3afc1ac217ef1902c8b09b19b1f12faf6cdaf

SHA-256:
4a702b37e4ea6b76a0f0babf3dfe15381d7dadf4db7a9ba5221dec29f7283e17

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 8:44:41 AM UTC  (today)

File size:
827.5 KB (847,360 bytes)

Copyright:
Copyright © Alexander Roshal 1993-2004

Original file name:
WinRAR.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\winrar.exe

File PE Metadata
Compilation timestamp:
12/26/2004 9:33:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:sF0rOyNF5ZjV60QEXIQd29PWz6DMMMMMM:y0ayNF5ZjrzYQd8PfMMMMMM

Entry address:
0x1000

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, B4, 11, 49, 00, A1, A7, 11, 49, 00, C1, E0, 02, A3, AB, 11, 49, 00, 52, 6A, 00, E8, EF, EE, 08, 00, 8B, D0, E8, D6, 4F, 08, 00, 5A, E8, D8, 42, 08, 00, E8, CF, 4F, 08, 00, 6A, 00, E8, CC, 62, 08, 00, 59, 68, 50, 11, 49, 00, 6A, 00, E8, C9, EE, 08, 00, A3, AF, 11, 49, 00, 6A, 00, E9, DF, CF, 08, 00, E9, FA, 62, 08, 00, 33, C0, A0, 99, 11, 49, 00, C3, A1, AF, 11, 49, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, AC, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.3315

Code size:
576 KB (589,824 bytes)

The file WinRAR.exe has been seen being distributed by the following URL.

http://www.cch-oriente.unam.mx/.../WinRAR.exe

Scan WinRAR.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.