wrar530.exe

win.rar GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from www.safemegachuckle.com and multiple other hosts.
Publisher:
win.rar GmbH  (signed and verified)

MD5:
0ef2e6992a53ea161c92880908a7b2d8

SHA-1:
e55b97177cd2bd02b1f82722167cad2a7253f4a6

SHA-256:
737edcf738d60108a22f4ae9f7621c0f3e7bd1c8a56fca7980a1b91f93b9cfe9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 1:31:25 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Detection.Undefined
7.0.302.0

File size:
1.7 MB (1,786,184 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\winrar v5.30 final (x32-x64) en\wrar530.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/1/2015 3:00:00 AM

Valid to:
6/1/2017 2:59:59 AM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Marienstrasse 12, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FE46A10AD94269C3DD225C13645352E4

File PE Metadata
Compilation timestamp:
11/18/2015 11:15:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:9zfJwW+lgY+US+Emst/jxr1P2KOViBTp+:9zfhXT+7shZxTU

Entry address:
0x1D4DC

Entry point:
E8, 84, 63, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 81, FC, FF, FF, C7, 06, C8, B2, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, C8, B2, 42, 00, E9, 36, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, C8, B2, 42, 00, E8, 23, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 8D, CA, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Code size:
161.5 KB (165,376 bytes)

The file wrar530.exe has been seen being distributed by the following 50 URLs.

http://www.safemegachuckle.com/c?x=S2EjET22mp0L8ed2x3xai27rZZaDcuQK/kUU ceUgp4=&c=VlXrnGjr2/1RD3dRxRaKncOT4mmI9DjFOVlBpH7E9DSdQlyhZ2I9ZDstcn1F /okDn s/9ZE2TE/yhJ/fMBEw6i9N10QkRJ32W0TuQ88QY9AwHrwXrWvKpMbMv8gWXI7AzvWKB8KqZVWQCwPPZjoA==&e=0&downloadAs=WinRAR Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/94/.../wrar530.exe

http://www.tamindir.com/indir/MjAxNS0xMS0yNCAyMDozMDoxMg==/winrar/windows/.../

https://www.winrar.es/.../37?PHPSESSID=864f2954ab2d46feda3999634587aa45

http://filehippo.com/download/file/.../

http://www.tourbodycontent.com/c?x=4i/2cmv7WFEDRhJ5R/NJI6mcgLEXE F S7fzAmAYOF0=&c=yoY5pqU80PM8sYKkAIOcPyPPI4AwxHvpY8FJkOrEAqf1sqRvoM9VVgiGrY1s0HT5Dh5PNv8wKWm2F84AOCTjXn BDbanwvy4OI7VItO7l1t9SIMTdyn7aqHR9AyoolK2&downloadAs=WinRAR Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/94/.../wrar530.exe

http://www.filehorse.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.slunecnice.cz/sw/winrar/stahnout/38147/.../?md5=1lfzcRpME2vs4XFF65pAlw&expires=1449077305

http://filehippo.com/download/file/.../

https://www.winrar.es/.../37?PHPSESSID=cc84e58eda8908d6ec58cfb4c3ee5630

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.tamindir.com/indir/MjAxNS0xMi0wMiAxMjoyNjowMw==/winrar/.../5.30

http://www.tamindir.com/indir/MjAxNS0xMi0wNyAxODoxOToyNg==/winrar/windows/.../

http://filehippo.com/download/file/.../

http://www.filepuma.com/file/1450187659c10205/winrar_32bit_5.30/.../0/

ftp://192.168.1.221/.../wrar530.exe

http://www.filepuma.com/file/1451159878c10205/winrar_32bit_5.30/.../0/

http://www.filepuma.com/file/1451921500c10205/winrar_32bit_5.30/.../0/

https://www.winrar.es/.../37?PHPSESSID=5ddb79e6f5ff845f25cadd69ad36849c

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.tourbodycontent.com/c?x=uuvDdcFQ59Xk7GNkzTuWoYSI6PpXYAtuOJtcqS6UPkY=&c=pP2Vo214YAyZtKdNH/dLpunlrJaW0vlitIuBOgHDygRc8jtdWlXGvzBGTXM EsIKJe63uUTMJnuxdrct5JaheVwjVogPL0V 2CFRhugDdm5K6G6WbVjD6T5Oj8FXjpVj&downloadAs=WinRAR Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/94/.../wrar530.exe

http://209.74.107.130/winrar5.30.exe

http://filehippo.com/download/file/.../

http://192.168.43.1:33455/static/storage/emulated/.../wrar530.exe

http://fs41.filehippo.com/4606/.../wrar530.exe

http://filehippo.com/download/file/.../

http://d.winrar.es/d/37z1450203672/.../wrar530.exe

http://filehippo.com/download/file/.../

Latest 30 of 406 download URLs