home

WinRAR.exe

WinRAR

win.rar GmbH

WinRAR provides the full RAR and ZIP file support, can decompress CAB, GZIP, ACE and other archive formats.
Publisher:
Alexander Roshal  (signed by win.rar GmbH)

Product:
WinRAR

Description:
WinRAR archiver

Version:
5.1.0

MD5:
2131509b5b4e81557101d634e8913c6c

SHA-1:
5467390ce0a44b8c8bac3e92e824bef8e8032148

SHA-256:
16af6e277e50e7c014b311e574232d146010d5f5a47a8f83505336d414b098d9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 5:33:06 PM UTC  (today)

File size:
1.2 MB (1,238,480 bytes)

Product version:
5.1.0

Copyright:
Copyright © Alexander Roshal 1993-2013

Original file name:
WinRAR.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winrar\winrar.exe

Digital Signature
Signed by:
win.rar GmbH

Authority:
COMODO CA Limited

Valid from:
6/13/2013 3:00:00 AM

Valid to:
6/14/2015 2:59:59 AM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Schumannstr. 17, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75953FA54DD12DD9CA6B948C17BFD67C

File PE Metadata
Compilation timestamp:
12/1/2013 11:07:35 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:raTlRWI799VGQsoidUMpkmOxP++Y34IyLJnMMMMMMDvtg:rWfspkJP+7IIEMMMMMMri

Entry address:
0xC6F39

Entry point:
E8, 90, 8C, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, A0, A0, 58, 00, 89, 0D, 9C, A0, 58, 00, 89, 15, 98, A0, 58, 00, 89, 1D, 94, A0, 58, 00, 89, 35, 90, A0, 58, 00, 89, 3D, 8C, A0, 58, 00, 66, 8C, 15, B8, A0, 58, 00, 66, 8C, 0D, AC, A0, 58, 00, 66, 8C, 1D, 88, A0, 58, 00, 66, 8C, 05, 84, A0, 58, 00, 66, 8C, 25, 80, A0, 58, 00, 66, 8C, 2D, 7C, A0, 58, 00, 9C, 8F, 05, B0, A0, 58, 00, 8B, 45, 00, A3, A4, A0, 58, 00, 8B, 45, 04, A3, A8, A0, 58, 00, 8D, 45, 08, A3, B4, A0, 58...
 
[+]

Entropy:
6.3936

Code size:
858.5 KB (879,104 bytes)

Shell Open Command
Open type:
WinRAR

Command:
"C:\Program Files\winrar\winrar.exe" "%1"


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.