home

6_offer_15.exe

win.rar GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from www.downloadsrepositorystock.com and multiple other hosts.
Publisher:
win.rar GmbH  (signed and verified)

MD5:
a3532fe9799f546ca61b0492802d0878

SHA-1:
f80cc61a4c0e703b66d6cf95f4464bc587f308f3

SHA-256:
324a19f61919103f9596203206ced9548c3b7600df66418cb6769c4b57ae2523

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:15:16 AM UTC  (today)

File size:
1.7 MB (1,766,784 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\6_offer_15.exe

Digital Signature
Signed by:
win.rar GmbH

Authority:
COMODO CA Limited

Valid from:
6/12/2013 5:00:00 PM

Valid to:
6/13/2015 4:59:59 PM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Schumannstr. 17, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75953FA54DD12DD9CA6B948C17BFD67C

File PE Metadata
Compilation timestamp:
8/22/2013 6:01:01 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:SJCMfZVhdkW+t9HCQLUgNopkCRmZp6DRw+ey92m0:O9Z5kW+t9RjNo7RmaDRzZl0

Entry address:
0x1CD78

Entry point:
E8, F0, 57, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 05, FD, FF, FF, C7, 06, CC, 71, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, CC, 71, 42, 00, E9, BA, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, CC, 71, 42, 00, E8, A7, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, C9, C9, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Entropy:
7.9560  (probably packed)

Code size:
147 KB (150,528 bytes)

The file 6_offer_15.exe has been discovered within the following programs.

Kerio VPN Client  by Kerio Technologies Inc.
Publisher's description - “Kerio VPN Client is an UTM firewall designed to protect medium and small businesses from a comprehensive range of invasive and crippling corporate network threats.”
www.kerio.com/support
About 8% of users remove it
WinRAR 5.21 (32-bit)  by win.rar GmbH
www.rarlab.com
6% remove it
 
Powered by Should I Remove It?

The file 6_offer_15.exe has been seen being distributed by the following 50 URLs.

http://www.downloadsrepositorystock.com/2aIxlCfSp 6_UFCYoXbfVXJwGuE2kfl3tsCgeb_ZVuMVg moI3WNBVUH8ihjekdnkqBa1NBHQm_gbEeS28spRi1zR_g 2RLcV2kmZfcmBmk01Y6Hnn5Tzmp42hOHXCRO_pPQH6eelWQz5vfq6HP0wAYs91_XVg==-GykAAAQZcmih35LmwQYcuFQjDBtjZwlKJ9840eemJtEYBg==

http://dl.cdn.chip.eu/downloads/.../wrar500.exe

http://www.downloadsrepositorystock.com/PVACk3IODAQLRzv7mSy8O11nkpLgFLBhj0huFqHpL9kB0UKZODEvaTWksOmHeLsCxsgjT5MY2QWnZDCyAuvKyu7oOaTIGovfjZt2T307pDhGxA_TnBhIDyj66w1zRxB9gsuDP_8O-GzkAAMTWOY6uD2UbezKZODCRA_Za4HI6bIzh Rr1xjpgnmY7_j2v6BRqW7u6mrATYcbBoCezAw==

http://filehippo.com/download/file/.../

http://freedownloadwinrar.net/.../MjAxMzEwMDh4eG9vX0YtdS1jLWtfR3h4b0Z4eG9vV2h0dHA6Ly93d3cucmFybGFiLmNvbS9yYXIvd3JhcjUwMC5leGU=

http://freedownloadwinrar.net/.../MjAxMzExMjR4eG9vX0YtdS1jLWtfR3h4b0Z4eG9vV2h0dHA6Ly93d3cucmFybGFiLmNvbS9yYXIvd3JhcjUwMC5leGU=

http://www.downloadsrepositorystock.com/6arCZHNJuczpYzrGEixXaw22 fOXwlg6EaGEF0ZvrX dEfXLSUquXUD saEWqxqALllFoALGcmZeo20UGShY3f4tWoJ1RJGtFvckfAD32SwuuEzmL9IVtewC850cwIxT95OWSwQsUOZXwI3Zck85eUOquq1wkg==-GzYAAAR0YzHd2IUJFovIBYccsL8lgQYYWB5jy3g4JH5jyi GY0zKhH3CSIpwn1vRNw==

http://www.downloadsrepositorystock.com/pNuNXaZXIyQXx 1hXJLla_xBFEFDUbhp ETEGsh5AbU1f1XOoG5UIgzBskAANQCV2DtfVWT9y4_lTPAoOWn0b4q399nfoV0PAaU_X22sivKPR8ellCXoGO9DXkjW3UaGt3mo1PL6SXBYUvUKUV2GgKUXZGelHA==-G1IAAMQ2tXGLoOTbpsNBiIsprSSFDThwapFt0HEgGzbgMJAsGM_KfCahB0oVPf5qEda0jaXrQR5J5oIF9KB2FZ4sjdsQ4H7FfgM=

http://download1741.mediafire.com/6pjk4j96455g/.../WinRAR 5.00 [x86].exe

http://www.downloadsrepositorystock.com/Bi45XFfWmoLHCHR9fsEmubvfO1d7P7dLEeYT__C270J K9jIoZfPtGfahQtNEUOKKiRfnuuF3NCCb_QX9B49KNHHXuQYhMPBbOO2RbJL9mvKACc4zCPqJmNat6hh5NgdcuMAFvgsFpwkiR7UunEdcHKOWQZQQA==-GxQAAMRtbF6d2yUiBlUhu9QG2vj0zxqBAQ==

http://www.downloadsrepositorystock.com/vx0I3FYgPrfvKx_1MWvN24o731fvNk49FzPDkX8CaB4K3HLKSO bD4h qPv1zR7CP olHm3ChoL9FA0Gq2DjNTU4jwaHZWreh6x_pHyZrB036bNhNftlCw7GNznxm hKXNVZP0X0Zj3BsMhJUM RPuQcydarYw==-GycAAMRjbE53iaMk4JAD9n8LLAmDjbFzBaP43X8nQfppv0ICivyhmzg=

http://www.downloadsrepositorystock.com/zabEQwJNcprH8w6NBan_sl3Llq3UfqBst3j2VKZKD2HlvrdZKpgsvF6pQMNLE_lQCGwxGgxoe94N5JKtqjyjSLbIMmInopamGEfrZU4AHjKoJ5gGHav3JO8Cx8L MUEKrR0MpCWK1kb3dMbOhiPKT1VIwIxztQ==-GzkAAORtm09QETzi8XiWOKKZEI3AIQfs3x5JYjkHG2PniVCjm2tM ZGV_nmZhE5N7wV9x48FJsNQWRQ=

http://www.filehippo.com/download/file/.../

http://www.downloadsrepositorystock.com/4UhtNme0A1e5C_TR2bwogH0QKgEa5WFo4hPvDa7GSBtPYa40uzw33DpdCtbqjaUva2vw2mySXgnh3crcuw3d0dkARdIgVUkfXZS13kD0rThvIXAMsPHkMS04LltcuYr9uREZTgwrqpZqWmFtKASAZWeL0LZGtw==-GxQAAAQ2xsbaThEqBSlkldw4sBuL_55gAA==

http://www.downloadsrepositorystock.com/xc3BhWzRJ5TddZxFpEik3K_D6yZvpJMVQv6IGwvLfrMq LU5THSCJ8ZeNnWqEsz4xwMh_P7pYRuTZ0i9chjrZ8MbLalEs96Ngo9LNVMTBZmjJXfOPIqpMVRW4GwDQ0R3PhZKX4rwpjondlvKJfBqMWBAyJrh3owzHh_oJP8dBpsxk9_gpUc=-Gy4AAAQ8ZDFdbYJNs0GGHDhdkrZEg42xc1xG0M0aK Rq7jyOBDZg0cwA

http://www.downloadsrepositorystock.com/0JT8DUl60xafTLAVr_F zbx8xUMgzj6 qznYY4myWbDYfHloserD0tBZuOHgRoG2Fenb5Ot4OkyfztE8ACORVwtmdU0YXpEl4gFpS6Ozm_4Lv8ejPUMNcp8YAWMTPU6Ft15g0SICcwMAXI6WF0Y38asP_T GJQ==-G08AAGS9xXR t9mDSVH4A4pvCBzjgH1YrvF8IByHjbHzgjDw1nGvK4H1c_5nvhSIAfduRfT9PKzjzbZOq Y9wIJMDJQygwg=

http://www.downloadsrepositorystock.com/VkXEnXTmSmL0xc0U2NIFPVv Ekdw1zn2gn9ahtua2NH7VdpUw31eInuqxGwnYh7 E5e0ANPCMITsKdF 8HbidR_OP2DsRxVei 6SUZQOfKSTkWu4I 35eaS1Wj1ySbzty mHSDyS-GycAAMRjbD73oEylgENO_GD4FknBxtgaatQ3Vn7Iv1jpkD 2GAM=

http://10.0.2.12/softwares/.../wrar-x86-500.exe

http://winrar.he.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-enKSPp6CnmJw=

http://www.downloadsrepositorystock.com/JY6EIiMpOP hsoeJYpFQC09HHRC7FhuNJ3Suli9N501c5wfS483HM6tzDBWF0WuNGY1_3wF5lRcB1c2gZeeN6_iufjq_PPtQkDkQU35ln4CuUcqCg7xMT_wigakQiRn xtE3I9wDnHyncy8I2BLrTh7SDj94Og==-GycAAMQph1ToQVuSfJcfHHLA_u1JYoHW2MaBvDHx7yGMzXpOoY_ZAg==

http://winrar.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-enKOQpJyjmp0=

http://www.downloadsrepositorystock.com/V5uObg7RTf9TfMs2h_m UtQXEKWDH93XmmzSFeJD3je yih IE9QdvLK0eyawxCvg0QVFwX0xnwhggwSFjC7Ev1eaHyUpdo5WTrgrZUfhZWhWLzYir_d_xN1M56q RZfPLGYjZiu 54zfRIGOGEe6QAU GtMoapu5WhYMDh54C_YQzYPRyg=-GyMAAMQph1bIQdTpbztM5IC9LZAEDvLGOPBkjZH_a02dnWHok90R

http://s1.jumbofile.net/files/2/.../MyEgY.CoM.wrar500.exe

http://www.downloadsrepositorystock.com/Q9f7046cUxSssJywOEzwdp0j_TQ39t9toi4rC3by6gXvNa2a W9eHK9SvX3hvNKPEou85hVsh6cTSS0yscHU8Yaq_E1ZpnbBuh Ml4qtwkpsXuHg4DhniJvG4GXHOBsX8Wyby9e7GnAnPSGlAf1Az1UetWE EQ==-CwmAaHR0cDovL3BuZ3F1YW50Lm9yZwM=

http://www.downloadsrepositorystock.com/iz6OD0Dd84BZc2HqcZnUn5vuGQ8vy4w0E7MqW6uhkfyA0azq0719Mfb27ZqmJkNR7UiZQt9fsuKbesj8NxgBm Ru1zRIyZ5tDTPo2S2t0Yy8KKFEggZeOZd22wBrUHbiHJ GnHsZTP3NWKwfkXmpRJJEHmi zg==-GyMAAAQmcmgph20_TOTAoRWd6LAxdq6go5drzPlk16Vr4I8M

http://www.downloadsrepositorystock.com/sxhmuEb0GH4TEnsaOn2g0wI ZgkknCYs3U5nkCghKJjpyJ03HoyNizv65SeF1gFm_ Ux2k2O0_Ferhsfjatg2BnffablKsz 4QZnEkE5feyGlKX8XLrGpp1OWkjWfLdhfqYzM3_JdEkVuVm4GjsyzMIV5uyugQ==-GzkAAMTyFtNv7 5_I5iiyEKyUdloYCIH7LWUDmTvjetA3Rj5O_adZ_370sl5CWiJDglqroxaeqsZNNAA

http://filehippo.com/download/file/.../

http://61.222.3.60/c87bdda9000fc989b0ecc6c10af8688c/softking/soft/en/.../wrar500.exe

http://rarlab.net/.../wrar500.exe

http://www.downloadsrepositorystock.com/F90nxmsuuejE9fQn3OHOBPm JBjYXJNcZD1JCBLYMo9J1MsWjcPSGHPp7niS2I7uK5rYDcucMoITdBwnYvJakDRu6OHNoD0Xy2U59XkXadwj puZTvcLJmIVM4tNbcT0y_b3Dp8ql3w13ewbzMMEOhcrdHI_qQ==-GyMAAAQmcmgph20_TOTAoRWd6LAxdq6go5drzPlk16Vr4I8M

Latest 30 of 165 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.