The UnRAR exe (Command line RAR) Alexander Roshal File Malware Analysis
Gridinsoft Logo

The UnRAR.exe (Command line RAR) File Analysis

Updated 7 months ago
Checked by Malware Check
UnRAR.exe

Technical Analysis

File Name UnRAR.exe
File Type
PE32+ executable (console) x86-64, for MS Windows
Scanner Version 1.0.216.174
Database Version 2025-05-16 22:00:24 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
506,008
File Size (bytes)
2025-05-16
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
0100dad675575734961f4c7bd2da5628
SHA1
bdb724fd56c159dc529b4e9d8a3a85727c244b4a
SHA256
d95bba20f04687b0b821d4fc0a17137db8b9eda5fe3fb34da319abefc45fe0d1
SHA512
45ec7e2055538abb853209e8f747a22252ecded34bbc4bc2c907a99bc02cce88fea6857ad7103aac32304764c1ebddc94d8c2d7bee21b8abadb8c6d5023ead1b
ImpHash
7d1e440af537908e3c09fa351258d1f6

PE Analysis

Basic Information

Image Base 0x140000000
Entry Point 0x140041ac0
Compilation Time 2024-02-26 09:00:54
Checksum 0x000888da (Actual: 0x000888da)
OS Version 5.2
PEiD Signatures PE32+ executable (console) x86-64, for MS Windows
PDB Path D:\Projects\WinRAR\rar\build\unrar64\Release\UnRAR.pdb
Digital Signature OK
Imports 7 libraries
KERNEL32, USER32, ADVAPI32, SHELL32, ole32, OLEAUT32, POWRPROF
Exports 0 functions
Resources 54 Resources
Sections 7 Sections

Version Information

ProductName WinRAR
CompanyName Alexander Roshal
FileDescription Command line RAR
FileVersion 7.0.0
ProductVersion 7.0.0
InternalName Command line RAR
LegalCopyright Copyright © Alexander Roshal 1993-2024
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 352,670 bytes 352,768 bytes 6.52 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 2E9D6AD9D926AABA1E657976445ED68E
.rdata 0x00058000 78,790 bytes 78,848 bytes 5.33 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 5667AB3AF2CECDF73C83221898B4FC82
.data 0x0006c000 62,636 bytes 11,776 bytes 4.81 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0056EE9C2778D4F34733DCE89872CB8E
.pdata 0x0007c000 13,512 bytes 13,824 bytes 5.60 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 0D92B138E0903A7BE69D16E1509FEFE0
_RDATA 0x00080000 348 bytes 512 bytes 3.29 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DD251042501C73E165336848FB61046B
.rsrc 0x00081000 33,608 bytes 33,792 bytes 3.55 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 7EAC4925FE97911B9B8E703D827D8C12
.reloc 0x0008a000 2,616 bytes 3,072 bytes 5.09 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 36AB6C1D3AB0D411E2843299CD780D5A
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 54 (30,750 bytes)
Resource Type Count Total Size Percentage
RT_STRING 52 28,452 bytes
92.5%
RT_VERSION 1 688 bytes
2.2%
RT_MANIFEST 1 1,610 bytes
5.2%

Certificate Chain Analysis

Certificate Information
Product WinRAR
Description Command line RAR
File Version 7.0.0
Signing Date 09:02 AM 02/26/2024 (657 days ago)
Verification Status Signed
Signers win.rar GmbH; DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1; DigiCert Trusted Root G4; DigiCert
Counter Signers DigiCert Timestamp 2023; DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA; DigiCert Trusted Root G4; DigiCert
Internal Name Command line RAR
Copyright Copyright © Alexander Roshal 1993-2024
Certificate Chain Summary
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #1 Primary
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
win.rar GmbH #2 Chain
Validity Period: 2023-08-08 00:00:00 → 2026-08-07 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 04 8B 08 39 9E C7 03 62 3C 72 CD 20 77 AD 65 D9
DigiCert Timestamp 2023 #3 Chain
Validity Period: 2023-07-14 00:00:00 → 2034-10-13 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 05 44 AF F3 94 9D 08 39 A6 BF DB 3F 5F E5 61 16
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #4 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #5 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware