home

winrar_4.20_corporativa__x64_.exe

MD5:
713056df11b8a57f0ae6f06dee97d72d

SHA-1:
066950422e83f741b86d83efe63ca01a68460b3c

SHA-256:
4be29a6ea5eead7c8282aa2da9e043cf5de8a5229e22a65aad29ae03eb4afcc0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 2:19:01 AM UTC  (today)

File size:
7.5 MB (7,859,924 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\winrar_4.20_corporativa__x64_.exe

File PE Metadata
Compilation timestamp:
2/17/2012 9:55:33 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:YV3otN2suZfMMMMMMxJzVakJlUOVDNMcHhmViL+xGuAjOW/5kby:IYtN2suFz2OVDGcHyu+cudW/5kby

Entry address:
0xD148

Entry point:
48, 83, EC, 28, E8, 9B, FE, FF, FF, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, 83, C4, 28, E9, DC, 39, 00, 00, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, F9, 48, 89, 11, 48, 8B, CA, 48, 8B, DA, E8, 05, 8A, FF, FF, 48, 89, 47, 08, 8B, 83, 24, 0C, 00, 00, 48, 8B, 5C, 24, 30, 89, 47, 10, 48, 8B, C7, 48, 83, C4, 20, 5F, C3, CC, CC, 48, 83, EC, 28, 4C, 8B, 09, 41, 8B, 81, 24, 0C, 00, 00, 39, 41, 10, 75, 0F, 48, 8B, 51, 08, 45, 33, C0, 49, 8B, C9, E8, 6A, 90, FF, FF, 48, 83, C4, 28, C3, CC, 48, 83, EC, 68...
 
[+]

Entropy:
7.2613

Code size:
86 KB (88,064 bytes)

The file winrar_4.20_corporativa__x64_.exe has been seen being distributed by the following 4 URLs.

temp:WinRAR 4.20 Corporativa_x64.exe

https://mega.nz/temporary/.../ENBEWbBR

blob:AD04934F-1F5C-4A04-A09B-D05501087016

http://pr23.rapidgator.net//.../index&session_id=JvwfKtNp4LnLYua4BmFAoDagBFMUZx2e

Scan winrar_4.20_corporativa__x64_.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.