home

wrar531.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.win-rar.com.
MD5:
4e2753fd77b16d757fe1693ed9a830fd

SHA-1:
66a9f7c8d12f330fe08e83555d5fa30a08c69fc5

SHA-256:
b99b9b34f4c5e5be13bfa8a67c6a9f6d98c0aac8909dceb2fcf547dabba3f929

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:21:37 AM UTC  (today)

File size:
1.9 MB (2,019,808 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\wrar531.exe

File PE Metadata
Compilation timestamp:
2/3/2016 8:38:36 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:5o8JmvPav5tq8HBcxDzNBBjJcLN247+GUKm7cam1P:5o8Uav5xHBEBjJcLT7lUKha6P

Entry address:
0x61000

Entry point:
90, B9, 18, 98, 14, 00, 90, 90, 68, 26, 10, 46, 00, 5E, 90, 68, 98, 05, 00, 00, 5F, 90, 90, FF, 34, 3E, 31, 0C, 24, 8F, 04, 3E, 4F, 83, EF, 03, 90, 75, F0, 90, 90, 90, F0, E5, 15, 00, 18, 98, 14, 00, 18, 98, 54, 00, 73, 78, 15, 00, F0, 82, 08, 00, F8, B9, 08, 00, 18, 28, 16, 00, 19, 98, 14, 00, 18, 28, 56, 00, A6, 65, 56, 00, D6, 65, 56, 00, 8C, 79, 16, 00, A4, 65, 16, 00, D4, 65, 16, 00, 18, 0E, 16, 00, A4, 65, 16, 00, D4, 65, 16, 00, 18, 98, 14, 00, 18, 98, 14, 00, 18, 98, 14, 00, C4, 28, 56, 00, 38, 2A...
 
[+]

Code size:
164.5 KB (168,448 bytes)

The file wrar531.exe has been seen being distributed by the following URL.

http://www.win-rar.com/fileadmin/winrar-versions/partners/.../wrar531.exe

Scan wrar531.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.