» WinRAR.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (3)
Downloads (109)

WinRAR.exe

WinRAR

Alexander Roshal

WinRAR provides the full RAR and ZIP file support, can decompress CAB, GZIP, ACE and other archive formats. The file has been seen being downloaded from s6589.chomikuj.pl and multiple other hosts.

File name:

WinRAR.exe

Publisher:

Alexander Roshal

Product:

WinRAR

Description:

WinRAR archiver

Version:

4.11.0

MD5:

bd3165a325f222f642f743b6cf2937ed

SHA-1:

83323c7e032feccc5b64354e1beb70e97d16a5f8

SHA-256:

4fcff4248eda0e31e6f785d812c524f1d58a3cafbd76f2a6da4f1c0ab3976a8a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/21/2024 10:37:45 PM UTC (today)

File size:

1.1 MB (1,150,464 bytes)

Product version:

4.11.0

Original file name:

WinRAR.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\winrar\winrar.exe

File PE Metadata

Compilation timestamp:

2/17/2012 9:54:45 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:aH0OPKc3APvIqGLiit8TFbw+xhwe7ALNB7MMMMMM74Q:tkHoIjLiicfxOe7AZNMMMMMM

Entry address:

0xB3F66

Entry point:

E8, D8, 9F, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, 0B, 62, 00, 00, 89, 45, 0C, 8B, 46, 0C, 59, A8, 82, 75, 17, E8, E3, 02, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2F, 01, 00, 00, A8, 40, 74, 0D, E8, C8, 02, 00, 00, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, 89, 5E, 04, A8, 10, 0F, 84, 87, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B, 46, 0C, 83, E0, EF, 83, C8, 02, 89, 46, 0C, 89, 5E, 04, 89, 5D, FC, A9, 0C, 01, 00... 
[+]

Entropy:

6.4171

Code size:

783.5 KB (802,304 bytes)

Shell Open Command

Open type:

WinRAR

Command:

"C:\Program Files\winrar\winrar.exe" "%1"

The file WinRAR.exe has been discovered within the following programs.

WinRAR by win.rar GmbH

WinRAR is a shareware file archiver and data compression utility that is able to create RAR archives natively. WinRAR supports RAR (WinRAR native conversion format) and ZIP archives, and unpacking of ARJ, LZH, TAR, GZ, ACE, UUE, BZ2, JAR, ISO, EXE, 7z, and Z archives.

www.rarlab.com

4% remove it

WinRAR 5.31 (32-bit) by win.rar GmbH

3% remove it

WinRAR archiver by win.rar GmbH

WinRAR archiver is a shareware file archiver that is able to create RAR archives natively.

12% remove it

The file WinRAR.exe has been seen being distributed by the following 50 URLs.

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsriryzgwdlohZW1bfOxcbKuFjfFRDlh61STzMzvckTjcmOQCubjUivIXAbAvMEvqAr8cEg8KgsSlZcOmmySuzFPSq1sDDpAl1MnanXo5RUrM1g&pv=2

http://s8902.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhosRhdjn6-w_7x_uzYtpBQ7Wpvt49OjFDUDmQCc0Hsg3ZknsqFhGo7gZJTKy9-Ojxl8HcLLvXXJS7tYnSpaS9scTuxD0EiPlfY7628TpoMyg&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsriT3nEfUvJm28Aiv54spwnjjX_-vqaMclIHnMusA7wjYDCx4wp9suFkCE8-aCOll68pgMDJ5G3-T5i51Vr046z8Th4xJejU7sg6IPIq0GOMBQ&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsri_80l8xLtRuhdoIFKySXkACschZAWa1kySAJxxV58ONkdpqcM94OCU4cdLW0P081RfvOLGeSRiwXZxD-psTrjRlh5NOUiQEZLAy7oLU2n3ng&pv=2

http://s3171.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhIKcpyxkh8G-7pue30aLcMZviydWgaExS-w1jjRLDkx5WN0ISh4wtUJfbnpfYDI7COfeGw1oyXPF2DANVfi4lfiNVtVg2Q0nigKGTi86TAfA&pv=2

http://s8902.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhJ0Aw8RoA8SIH7RcESdWVgKw1epD-lnerTBhSMYDD0JYIf3ubExZv92uuHDY8qUpM78bdQggwp7vUUvouaLmAVPNn114dWq4Xq-xNWZrfaKg&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrg8R2JG-QCL4qk4GCujNO0SMcD9bYyDhj9k5gHDjfBtuq4WfRPrVS0U3mkEN9ZIsX75-l7Qo9CC-X2doZ1gBZyDQa_zysC3vaRuMydoL6TrSA&pv=2

http://s3171.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsriuN5R11NCpKGgGWkBmGhm1T_2vMlg7nulLg_J-QEOmVCACzawOPu1x1uI9ods2Us_AagruYBcoXh4vhkqiXf4de1Y4oWgFEJayxpNxfzxfXQ&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrjmR-5ywsvPkB0e7f5mwHE0kNihxdGGsDeSkY4zGJff234dZQrD7PzlyYQnAWpsWEG76VPMkx1di8XQ-PlRL4HEgzjwM1eKJOwBXdPEIiBKwA&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrjMlc1ESATvbby7QE7PtydyhsPJNxbBZXk93xGzF-yG9OXB8xUBwfEinECps2sABsj0PWFAEBEAwkrsXrNSY8lukL9-OLTJUL9ZYYhg8GPHZw&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhMECGcWNIBOu60QC8abwWqxRFKWdpOxLMYwaFX9UQsQ26fEC-jgrnyHt4ESQb9eGk-U9L0CkU3ESiris1j3RjluL4Z5HRH7VUrEJl1oOjvOQ&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrgpJqYZPwWkWV1qypyFG-PPOI6vzkj5MCVtemtglHAQ2kfkkhXt1Mxxr0wW-2bIqv__qlQC4Ygau0dxrz7q9sBzl-IyPRH9lZ30LnwinLB_Kg&pv=2

http://s8902.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrjX_REv2tMS4ghSBI41Rk9LuOo-E-jYyiB34pE6TZuwm1LoxOYC0P3BXLBcCrR94Uz6K4y8SSulyg5AZVXdIUjWxQrwG6YxJbYFFeAcPZkBpw&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrgSgE_0xYcH3OJMa1YTlv3CSdEXVKhS6EHz2ZWXJE66iJSMt3Bxgu5mwkozaKm0-gVl9lSdW78Ck9gVrY8dsax0Be3x0CU3Kb5TbfWI85ST3A&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhLj2mamNsn8ySO-E9glRS9GmKB52V43Am0Uo8avogcHRi7t3xVckEhg6SdTFVN5hSCyLMfLf3XLwtM2rFg7aSSWSmimhT_b_1pPDw2SEb4mQ&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhrsb2UQBzvkoSX8rAODp1UF0lowZdQbFWhzp-jtQ2mP60qlf6NS5OS76E0m9q95hJsh1JytKutQWz5tGt0RFnNCq954y7pH5kytcJ1WcY8hw&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhr-T8WZ6BQl6NzVXdz9eK4ygfT_BnQDn8MhHyJIN7WwGK-MVRYQxG5uhKYvyBj-ITRxT4yVtAH9A2q5YSpPBlrzIF_nEUDj_lBvwUL7dkG1g&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrgCeUzLoSacM5SzxN5_ISoQSCgQjI3sjiYJok0otsZAyQJNUgQu7eoRjPTgUP-OsJqPbZd1Y6WrNJtY0Lp1DYd7RV3Em-YbF1B7zQVp2seJHg&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrg363W3G8QsLSaSktJV0Zr21YpGAu3CeCpRuYhcCbm4LZAalv1nWOPdv40PaL6itLFuY_UYZQACOAYOX85vh98EJkCUpMl7ZFeBD68YDKYcdQ&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhXtozJ6-QayOO3JchIno0lECXcRz_0DrgdLGOMYPDa8pvYkuS9glWlAEgcgyeyXcL_g68_VhycZx3qDHsrsZ6m8hXYrHapiam9v9QnRUuSlg&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhBLw7JKS4FS51GvlfsYqI2GdX1PV8C9VBJe3VVBDK9Mdhl1Hwe6MsNPbshIXLjLw6r5_4IMhcS8MRht8rXTQibZmPIdyKxviphGhDWEiEaJQ&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrgdRvtaG8ZWDhSRB201oLtoyJLfrJ-0WeeVFxjEhQdEwHHckPnBIMet7QT6IvX6KCHoQDjEc5HaNIHggb-CD0GrkpOZ0HRlTEI0vOi6iTSCDQ&pv=2

https://mega.nz/temporary/.../YFsF1aBR

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsriAKSBZb699iaUe8SQLOeiBCbO15bx5igx-UCLwo1zPxvUhThF9wFultcSexkQM7CP5eC5srduljWmh1GatOsaMc25efu1e4b_RoXFyuom8eg&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrh0hxVP_pcYB4EuVlkd8PP3oawPVhmy99I7eHNhzqI5IF9YxII8HVwMfVNdBIzMSPIGSlFUGrXCT5SfKi1vicWWMtLhqcI15kamLB1fh_DsCw&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsri78wNScgfvmC0jyYgVefibfkYnCbKusJsH-AG90Bcpnu7sQ11VpeAhvrOTutv8oxRqMRoJRhsNtx-ULE4mhl2l8DRVpCC1kd0tBv0FaaGXyw&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrjrrCz2ZWZE5cTULYpBh-2lOdzzJmJLdxOAbawc7qYWjKK5VbcFYj4KgbfUkfcx91GB7t-J7Wxso7f9ygpSpHuBX1QPIoFpRZVzzvo44eJ9xA&pv=2

http://s3171.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrgdi3xrDznydZ5BeT_pulOUhYXlGS5jzhvbydX0w7-PYo8NgG5yVu3Vbr8WErFv4CSpO8L5-m2pTFzm91wK6abFleACYb1Re5fQQ_eJQvLPDA&pv=2

http://s6589.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsri4DuMEP6tiET1Af58leDK-5Suk-jvSpeF2NRDQLuc7gZFHSaAs4y1vJoXfQ9Pk7IrQJ0v6y3Hkw3Zlei411gsLNCO-mpuHon9SCPxvbGhhOg&pv=2

http://s3171.chomikuj.pl/File.aspx?e=21syzfRAUGI1hgam979yng1JgJuBF3Poo-wckCNQsrhna_hbm_mwaze-8x0pbhsrzhwxFku7e1kiSYoO03w8DD8yd8IHbfP3r9EakSmHSMNt7LikGW_XCiM7-U3hcSCYL-RxqK-rIAotU3nZcILqkQ&pv=2

Latest 30 of 109 download URLs

Scan WinRAR.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.