Gridinsoft Logo
File Icon

The WinRAR.exe (WinRAR) File Analysis

Updated 20 days ago
Checked by Malaware Check
WinRAR.exe

Technical Analysis

File Name WinRAR.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.216.174
Database Version 2025-05-16 22:00:24 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
3,287,704
File Size (bytes)
2025-05-16
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
e95e38c00b5a74f5fd31cd743d2449ce
SHA1
15035d9f218a4629a8449829eba85b40806f4f59
SHA256
b5268f32fb72dfcfc1109c4a305d3a4bac11a5815123659cd345b24dee0854eb
SHA512
934783173a61caa88d353708789b518aa7630d94ccdbc503b26db4309d54f5ede2fb897ec69a0e1aea6ea6f29f4a5ce9bc845c31c35530a65bf33fd829636d4f
ImpHash
e68fe2e4fe4b72ddbc24bfd21ac99075

PE Analysis

Basic Information

Icon
Hash: b3f0266a9874e070b3ec855645687948
Fuzzy: 33d9200afee9550e4e551841fda604a1
dHash: b233333a6b3a3230
Image Base 0x140000000
Entry Point 0x1401b0110
Compilation Time 2024-02-26 09:00:40
Checksum 0x003276ee (Actual: 0x003276ee)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path D:\Projects\WinRAR\build\winrar64\Release\WinRAR.pdb
Digital Signature OK
Imports 13 libraries
Exports 0 functions
Resources 356 Resources
Sections 8 Sections

Version Information

ProductName WinRAR
CompanyName Alexander Roshal
FileDescription WinRAR
FileVersion 7.0.0
ProductVersion 7.0.0
InternalName WinRAR
LegalCopyright Copyright © Alexander Roshal 1993-2024
OriginalFilename WinRAR.exe
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,933,518 bytes 1,933,824 bytes 6.53 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ EF75B0FCE6E5F9B1AAE618B54E4AFD3B
.rdata 0x001da000 316,416 bytes 316,416 bytes 5.73 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 36EE7B6FC20BFEBE0D48E708583C673C
.data 0x00228000 360,396 bytes 44,544 bytes 4.56 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 900E2461CC24063B0DB503CE36D18582
.pdata 0x00280000 50,772 bytes 51,200 bytes 6.10 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 994C1BA2BA07F574A57E3C15FF14CBD9
.didat 0x0028d000 256 bytes 512 bytes 1.95 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE C1F9239852089F3BB34A8FC923E76E1C
_RDATA 0x0028e000 348 bytes 512 bytes 3.36 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ FDF7C02B69709DBC27271F7F38583A97
.rsrc 0x0028f000 921,584 bytes 921,600 bytes 7.23 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 833F5FBAD8B978F165892E486F8C327A
.reloc 0x00370000 7,588 bytes 7,680 bytes 5.39 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 4AEDBA392296E2E8BC3663C24DCAF5F3
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 356 (901,156 bytes)
Resource Type Count Total Size Percentage
PNG 111 504,459 bytes
56%
RT_CURSOR 2 1,128 bytes
0.1%
RT_ICON 46 283,863 bytes
31.5%
RT_MENU 2 3,478 bytes
0.4%
RT_DIALOG 82 69,734 bytes
7.7%
RT_STRING 98 34,676 bytes
3.8%
RT_ACCELERATOR 6 544 bytes
0.1%
RT_GROUP_CURSOR 1 34 bytes
0%
RT_GROUP_ICON 6 680 bytes
0.1%
RT_VERSION 1 712 bytes
0.1%
RT_MANIFEST 1 1,848 bytes
0.2%

Certificate Chain Analysis

Certificate Information
Product WinRAR
Description WinRAR
File Version 7.0.0
Original Name WinRAR.exe
Signing Date 09:02 AM 02/26/2024 (466 days ago)
Verification Status Signed
Signers win.rar GmbH; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert Timestamp 2023; DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA; DigiCert Trusted Root G4; DigiCert
Internal Name WinRAR
Copyright Copyright © Alexander Roshal 1993-2024
Certificate Chain Summary
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #1 Primary
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
win.rar GmbH #2 Chain
Validity Period: 2023-08-08 00:00:00 → 2026-08-07 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 04 8B 08 39 9E C7 03 62 3C 72 CD 20 77 AD 65 D9
DigiCert Timestamp 2023 #3 Chain
Validity Period: 2023-07-14 00:00:00 → 2034-10-13 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 05 44 AF F3 94 9D 08 39 A6 BF DB 3F 5F E5 61 16
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #4 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #5 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware