archive.rar.exe

Загрузчик ("Downloader")

GRAND MEDIA LLC

The executable archive.rar.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Корпорация ("Corporation") (signed by GRAND MEDIA LLC)

Product:
Загрузчик ("Downloader")

Version:
2.0.0.1

MD5:
a5ec363b1db952f2edd00a08f71fcf0b

SHA-1:
5bda40db378de66e2f5f86275725f124ceb5b8c5

SHA-256:
f4d2b54e630f634022a6545ebea6c3acedb720edd99a9ff443edbcacf4d0a9b3

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/14/2025 1:19:26 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.3.5.7

File size:
3 MB (3,108,560 bytes)

Product version:
2.0.0.1

Copyright:
Copyright CNS (C) 2015

Original file name:
app.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\archive.rar.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/12/2015 2:00:00 AM

Valid to:
3/12/2016 1:59:59 AM

Subject:
CN=GRAND MEDIA LLC, O=GRAND MEDIA LLC, STREET="office 4, 74, Velyka Arnautska street", L=Odesa, S=Odeska, PostalCode=65045, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
6DB4D6451840481B470CABBD55471AA0

File PE Metadata
Compilation timestamp:
10/21/2015 12:34:41 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1000

Entry point:
B8, 0C, A8, C5, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 0B, F7, 94, 82, 81, C3, AD, B1, F9, 7F, 35, 2D, 1C, E6, 8E, B7, 52, 70, 24, D5, EE, 8C, A1, E0, 9A, 1D, D3, DB, 98, 21, 81, 52, BA, 10, CC, E8, A0, 66, A9, 7D, 89, 71, 36, B9, 6F, C8, B1, A5, F8, C1, 56, BC, 0C, A6, 30, 60, CA, 62, 1F, B8, C0, AE, 50, CB, B6, 29, 20, 46, 6E, B2, 39, 69, 5D, D0, 7D, DA, 42, 26, E5, A4, 4E, F1, 2E, 9E, CC, 70, 63, 3D, 22, 88, CA, BD, 38...
 

Packer / compiler:
PECompact v2

Code size:
6.1 MB (6,346,240 bytes)
