wrar531es.exe

win.rar GmbH

This is a setup program which is used to install the application. This is installed with WinRAR 5.31 (32-bit). The file has been seen being downloaded from www.winrar.es and multiple other hosts.
Publisher:
win.rar GmbH  (signed and verified)

MD5:
d7610672d1c51b1c8c59c6760617b4b1

SHA-1:
943fc7eadf45f69dd4bfc786fe5df3026bfb6a24

SHA-256:
6dea84d4ec7c2307213174ceb895be502cf2fe87dc74baef36f5d39e72366668

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 12:53:55 PM UTC  (today)

File size:
1.8 MB (1,906,448 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\wrar531es.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/31/2015 7:00:00 PM

Valid to:
5/31/2017 6:59:59 PM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Marienstrasse 12, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FE46A10AD94269C3DD225C13645352E4

File PE Metadata
Compilation timestamp:
2/3/2016 2:38:36 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:32yaOirlQh7mTHqSH9CBWkniZLy74VvC/lZE52OK:32y+rFrhCBWknaiSq/lQ2OK

Entry address:
0x1E06B

Entry point:
E8, DF, 65, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 82, FC, FF, FF, C7, 06, 74, C8, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 74, C8, 42, 00, E9, 37, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 74, C8, 42, 00, E8, 24, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 6E, CA, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Entropy:
7.9490  (probably packed)

Code size:
164.5 KB (168,448 bytes)

The file wrar531es.exe has been discovered within the following program.

WinRAR 5.31 (32-bit)  by win.rar GmbH
www.rarlab.com
3% remove it
 
Powered by Should I Remove It?

The file wrar531es.exe has been seen being distributed by the following 50 URLs.

https://www.winrar.es/.../52?PHPSESSID=46f54e78f470fc87f2186fa165fc79c4

https://www.winrar.es/.../52?PHPSESSID=cf2338c04ddcd0a814dc0f5cef375c9f

https://www.winrar.es/.../52?PHPSESSID=c81d670cccc6ac01e56a027dbf5ca011

https://www.winrar.es/.../52?PHPSESSID=e2dd0c5d891295d1faaa346998cfb419

https://www.winrar.es/.../52?PHPSESSID=863f89e128c7b9e5c191be4ff64d6109

http://d.winrar.es/d/52z1458135859/.../wrar531es.exe

https://www.winrar.es/.../52?PHPSESSID=711252fb46145b7e5d4ea65bbd5642ec

https://www.winrar.es/.../52?PHPSESSID=e436ba00144d63fbc4636adda506d356

https://www.winrar.es/.../52?PHPSESSID=d53f7127aad8b94dfe07a28881287159

https://www.winrar.es/.../52?PHPSESSID=e91d17fdd798daf58832e7dad6e2b52b

https://www.winrar.es/.../52?PHPSESSID=a788c2df5dd415d77a90643a1f584c40

http://d.winrar.es/d/52z1457119787/.../wrar531es.exe

https://www.winrar.es/.../52?PHPSESSID=8bd5867b8f91e4ee8e3f221d3374876f

http://www.winrar.es/.../52?PHPSESSID=0cd2dab67ffc4a59ce494db3076fa921

http://www.winrar.es/.../52?PHPSESSID=709e4ec8f1badde3783684bc2221956a

https://www.winrar.es/.../52?PHPSESSID=239e4e7d5b9a02e833ac9f87dcbb5dc4

https://www.winrar.es/.../52?PHPSESSID=b7a7325f3ecb654cdf9806c693c658db

http://d.winrar.es/d/52z1465313744/.../wrar531es.exe

http://winrar.es/.../52?PHPSESSID=28694827fa7a69ef4ec40d120698bc7d

https://www.winrar.es/.../52?PHPSESSID=e0c058644f31f0ad62f66deeda76411a

http://d.winrar.es/d/52z1472321391/.../wrar531es.exe

http://d.winrar.es/d/52z1457884998/.../wrar531es.exe

https://www.winrar.es/.../52?PHPSESSID=03b8300d981cb3e4d1fb597873f7dde4

https://www.winrar.es/.../52?PHPSESSID=d4cf8caf467c390f83ab6de07617f5f7

https://www.winrar.es/.../52?PHPSESSID=1436c06c14ed3dd63443a14c33f38029

https://www.winrar.es/.../52?PHPSESSID=32aaa2e99015c5378b1360b184aadd26

https://www.winrar.es/.../52?PHPSESSID=6597ecf7f22b593977ec3a3e14d24e51

https://www.winrar.es/.../52?PHPSESSID=d29327d493a0afc56d176a512ac5d5f6

http://d.winrar.es/d/52z1470273484/.../wrar531es.exe

http://www.winrar.es/.../52?PHPSESSID=0ac449e51927403ed9f928ed88eda789

Latest 30 of 2,350 download URLs