wrar520ru.exe

Innova Soluyushns OOO

The application wrar520ru.exe by Innova Soluyushns OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Innova Soluyushns OOO  (signed and verified)

MD5:
b8605727dae4f51ec335e4c0cc87b249

SHA-1:
15d155ce42fed5ec8a462a4cffbe66ad48f40d9f

SHA-256:
4ae4cc19854f4a8f9a926a0f570d69d17bbed6c74655561b5f4ebf90a1d02d65

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/17/2024 1:22:55 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.18.1

File size:
637.9 KB (653,192 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\wrar520ru.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/11/2014 3:00:00 AM

Valid to:
11/12/2015 2:59:59 AM

Subject:
CN=Innova Soluyushns OOO, O=Innova Soluyushns OOO, STREET="Mukomolny, 2/1", L=Moscow, S=Moscow region, PostalCode=123290, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5B6A93520D54B6626ADB1AF5B6FDE0A0

File PE Metadata
Compilation timestamp:
1/30/2015 6:10:47 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
28.6

Entry address:
0xB4C9

Entry point:
4E, C1, CA, 1F, C1, CD, 17, F8, 13, 74, 24, EC, 11, EE, 0F, BA, E3, 14, 0F, BA, E6, 15, 81, EA, F3, 92, 0F, 77, C1, E7, 04, C1, DD, 06, C1, D0, 00, F5, 0F, BA, FD, 0B, 89, D0, C1, E3, 19, 81, EB, 54, 40, 32, 42, 87, D7, 23, 15, 61, 33, 41, 00, 31, F0, 0B, 54, 24, F4, 81, FF, 5A, FE, 7E, E9, F9, C1, E2, 09, 85, EE, C1, E2, 18, F7, D5, F8, 03, 15, CE, C5, 42, 00, 0F, BA, E0, 02, 49, F5, C1, CE, 1F, F9, 81, C3, A1, 9A, 1A, 2D, 4F, C1, EF, 19, 46, 13, 14, 24, 0F, BA, E8, 1F, 90, C1, D6, 04, 87, D9, 90, B8, F5...
 

Code size:
543.5 KB (556,544 bytes)
