» winrarsetup-11550928-zbsb.exe
Overview
Analysis
File Details

winrarsetup-11550928-zbsb.exe

The program is a setup application that uses the Inno Setup installer.

File name:

MD5:

aaf69468e6ee733783b3f9b92668738e

SHA-1:

630f4d9dbfbc29607824e3b64c9be0c27644637d

SHA-256:

ef2c9a178029e61cd6f9782619f15c37afb549d8e39051a8404ac15378773195

Scanner detections:

19 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/26/2024 12:51:14 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.InstallCore

7.1.1

Avira AntiVirus

ADWARE/InstallCore.Gen7

7.11.144.48

AVG

Adware Skodna.Bundle.CA

2014.0.4189

Bkav FE

W32.Clodd4d.Trojan

1.3.0.4613

Comodo Security

ApplicUnwnt

18124

Dr.Web

Adware.InstallCore.133

9.0.1.0305

ESET NOD32

Win32/InstallCore.DO (variant)

8.9160

Fortinet FortiGate

Riskware/FirseriaInstaller

11/1/2014

F-Prot

W32/InstallCore.R3.gen

v6.4.7.1.166

K7 AntiVirus

Unwanted-Program

13.176.11806

Malwarebytes

PUP.Optional.Installcore

v2014.11.01.02

McAfee

Artemis!5BF518743A65

5600.6960

NANO AntiVirus

Riskware.Win32.InstallCore.dfuuot

0.28.2.62671

Qihoo 360 Security

Win32/Virus.Adware.94c

1.0.0.1015

Rising Antivirus

PE:Malware.XPACK-LNR/Heur!1.5594

23.00.65.141030

Sophos

Install Core

4.94

Trend Micro House Call

TROJ_GEN.F47V1120

7.2.305

Vba32 AntiVirus

Downware.InstallCore

3.12.26.0

VIPRE Antivirus

InstallCore.b

24254

File size:

604.2 KB (618,688 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\{user}\downloads\winrarsetup-11550928-zbsb.exe

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:GkOyMJfsGMZUosic0DbyLl1PTQszmc+88Q5AK4fXUr67jE2fAs3N2hWpAeJZ:/OyMJfsjZUop1a1sMmcoQ9Gdo2VN2

Entry address:

0x98CC

Entry point:

55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, FA, 97, FF, FF, E8, 01, AA, FF, FF, E8, 2C, CC, FF, FF, E8, 73, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, 76, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 2C, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, E0, D0, FF, FF, 8B, 55, F0, B8, D8, BD, 40, 00, E8, AB, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D8, BD, 40, 00, B2, 01, B8... 
[+]

Entropy:

7.8580

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

36 KB (36,864 bytes)

Scan winrarsetup-11550928-zbsb.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.