The Rar exe (Command line RAR) Alexander Roshal File Malware Analysis
Gridinsoft Logo

The Rar.exe (Command line RAR) File Analysis

Updated 2 days ago
Checked by Malware Check
Rar.exe

Technical Analysis

File Name Rar.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.231.174
Database Version 2026-01-05 01:00:37 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
835,792
File Size (bytes)
2026-01-05
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
10913ed85c79c1dafbbbff343c73471b
SHA1
0c3930f1649bb8eabb1207f9c207e693cb830163
SHA256
a7a155934662984a5063d8d9215dc5e226aa12f4e04fca932574ea075e32dd3a
SHA512
d0c688e584ed9eb6e221ff71875f635dc90920dc6063942ad3f6d44a417767da131d1c179bc921ea526bb45d9fe1956f1d0c7e057cf26565ea00d806583eef52
ImpHash
713ff1bd882fb9b22a2f20fb2cde84c7

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140081710
Compilation Time 2025-07-28 09:25:19
Checksum 0x000d5174 (Actual: 0x000d5174)
OS Version 6.0
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path D:\Projects\WinRAR\rar\build\rar64\Release\RAR.pdb
Digital Signature OK
Imports 7 libraries
KERNEL32, USER32, ADVAPI32, SHELL32, ole32, OLEAUT32, POWRPROF
Exports 0 functions
Resources 54 Resources
Sections 7 Sections

Version Information

ProductName WinRAR
CompanyName Alexander Roshal
FileDescription Command line RAR
FileVersion 7.13.0
ProductVersion 7.13.0
InternalName Command line RAR
LegalCopyright Copyright © Alexander Roshal 1993-2025
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 642,156 bytes 642,560 bytes 6.53 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 09F04073427CAECBB2446CB872B937D5
.rdata 0x0009e000 107,862 bytes 108,032 bytes 5.51 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7FB6D5908532702CD3024D0F338A6D51
.data 0x000b9000 82,428 bytes 13,824 bytes 4.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 9C63D80D6D4473E5BE90D08A08FAED9A
.pdata 0x000ce000 21,408 bytes 21,504 bytes 5.90 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 91FEE5B4C6987AB6E740392838BF1391
.fptable 0x000d4000 256 bytes 512 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE BF619EAC0CDF3F68D496EA9344137E8B
.rsrc 0x000d5000 34,368 bytes 34,816 bytes 3.53 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7E090BB922F5491E89EA7D30FC3E6809
.reloc 0x000de000 2,752 bytes 3,072 bytes 5.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ C9414C566F66150063A9661479038F29
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 54 (31,510 bytes)
Resource Type Count Total Size Percentage
RT_STRING 52 29,204 bytes
92.7%
RT_VERSION 1 696 bytes
2.2%
RT_MANIFEST 1 1,610 bytes
5.1%

Certificate Chain Analysis

Certificate Information
Product WinRAR
Description Command line RAR
File Version 7.13.0
Signing Date 09:26 AM 07/28/2025 (162 days ago)
Verification Status Signed
Signers win.rar GmbH; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert SHA256 RSA4096 Timestamp Responder 2025 1; DigiCert Trusted G4 TimeStamping RSA4096 SHA256 2025 CA1; DigiCert Trusted Root G4; DigiCert
Internal Name Command line RAR
Copyright Copyright © Alexander Roshal 1993-2025
Certificate Chain Summary
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #1 Primary
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
win.rar GmbH #2 Chain
Validity Period: 2023-08-08 00:00:00 → 2026-08-07 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 04 8B 08 39 9E C7 03 62 3C 72 CD 20 77 AD 65 D9
DigiCert SHA256 RSA4096 Timestamp Responder 2025 1 #3 Chain
Validity Period: 2025-06-04 00:00:00 → 2036-09-03 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0A 80 EF 18 4B 8D F1 05 82 D1 C4 76 A7 95 74 68
DigiCert Trusted G4 TimeStamping RSA4096 SHA256 2025 CA1 #4 Chain
Validity Period: 2025-05-07 00:00:00 → 2038-01-14 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0D C7 AC 57 05 FF 21 99 2E 40 43 22 0C 3A 49 86
DigiCert Trusted Root G4 #5 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware