Manalyze report for 4bcc3c3c758706b5b2311fae026f667ccd3e498ff4e70dc3f9f741e30e700ee7

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Feb-01 18:16:43
Detected languages	English - United States
Debug artifacts	D:\Projects\WinRAR\SFX\setup\build\sfxrar64\Release\sfxrar.pdb
ProductName	WinRAR
CompanyName	Alexander Roshal
FileDescription	WinRAR
FileVersion	`7.20.0`
ProductVersion	`7.20.0`
InternalName	WinRAR
LegalCopyright	Copyright Â© Alexander Roshal 1993-2026
OriginalFilename	WinRAR.exe

Plugin Output

Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW LoadLibraryExA LoadLibraryExW` `Can create temporary files: CreateFileW GetTempPathW`
Info	The PE is digitally signed.	`Signer: win.rar GmbH` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Suspicious	VirusTotal score: 1/71 (Scanned on 2026-02-28 07:23:29)	`ClamAV: Win.Trojan.Generic-9947715-0`

Hashes

MD5	`bb91401e55a58a2a8aca69c4c0587a41`
SHA1	`26b1121d8d79271e4ae0c9cdd69aa414c2ccb55b`
SHA256	`4bcc3c3c758706b5b2311fae026f667ccd3e498ff4e70dc3f9f741e30e700ee7`
SHA3	`f90234e1aeaf550f06c6fab4781e7f25ecf86b549d68240e9a0abecfb79025e3`
SSDeep	`49152:h2lrZWrX8pSEFMBbHUe52raBcThZBurBJU3MIOmuVKlPwiJXVOL40PhzC27byQ3R:f+MBAC/mBuNykmFfYpzF/Vo9TuHAA`
Imports Hash	`cb7b08756737887f416a536e41fa6eb1`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`8`
TimeDateStamp	2026-Feb-01 18:16:43
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x3e800`
SizeOfInitializedData	`0x45e00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000025ED0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.1`
ImageVersion	`0.0`
SubsystemVersion	`6.1`
Win32VersionValue	`0`
SizeOfImage	`0x8a000`
SizeOfHeaders	`0x400`
Checksum	`0x3be17f`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`4c1c9b935882dadb770cf5cea3478503`
SHA1	`a1e6bf5386f32d0c01eda6e885a1ef98b3f63b21`
SHA256	`6cb7f01d88d40a023e8b80e1949f021ca67bb8c51799ba41b67cae025821ad29`
SHA3	`3789684f4f5fd3b818591778a77fa0f7e771134cd7f542319030973395797b2b`
VirtualSize	`0x3e68c`
VirtualAddress	`0x1000`
SizeOfRawData	`0x3e800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.43747`

.rdata

MD5	`31750712555ae38b3dbf1ce709a85d8f`
SHA1	`6e9af6865cac88066dc5e9af790d97a6468f1226`
SHA256	`6accd89a29891a2d135768130575efb3bebec4e2f7971401dc4336bcf061caae`
SHA3	`023346b2283f797d08ad06e1944833f2f211d2bf9e9711adb786941bbcb66921`
VirtualSize	`0x14286`
VirtualAddress	`0x40000`
SizeOfRawData	`0x14400`
PointerToRawData	`0x3ec00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.30183`

.data

MD5	`aa3babb5996e5fab7fa64a57c9b62515`
SHA1	`3138fa225af383677fb42cf9ea05fb6bee2da4f2`
SHA256	`848308559678a1f60f043cab4185c915b3ff33bb2e37f0d18722ade87de5b852`
SHA3	`e8e1e465a429f79024410c7edf9c0ca43926b245b66b7d1257ab0a239f9e0a6a`
VirtualSize	`0xb244`
VirtualAddress	`0x55000`
SizeOfRawData	`0x1200`
PointerToRawData	`0x53000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.08532`

.pdata

MD5	`b2bc5eff15291e91b935af146c4878fb`
SHA1	`01281521ba2c7adadeae3ee14a93ab304af4fb57`
SHA256	`12bfe8657038fc144a81a9c41029a1f2f32ae8c1f3f427e5ab99100341d451bd`
SHA3	`e74e3047dbdc4466fcbaf156eacca693979cfa691c084fa1919a14f4d52a4bec`
VirtualSize	`0x3db0`
VirtualAddress	`0x61000`
SizeOfRawData	`0x3e00`
PointerToRawData	`0x54200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.5194`

.didat

MD5	`a7d2092da5b3f6b6aa1ad3c16fd9d59c`
SHA1	`42affd9f88222e448b53ae948088a62735bf5721`
SHA256	`1cbe2a471b7d760214e77d91465ec184c405d5074b1c0f39d6e4b00c33faea1d`
SHA3	`58bcc7c5b521aeb15304bc3d5fdf901dedfa77ef16cedaef4328f894e6462aa4`
VirtualSize	`0x330`
VirtualAddress	`0x65000`
SizeOfRawData	`0x400`
PointerToRawData	`0x58000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.89669`

.fptable

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x100`
VirtualAddress	`0x66000`
SizeOfRawData	`0x200`
PointerToRawData	`0x58400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`d0c8a53e169f449cbac67c9328eb5bf4`
SHA1	`85aa13c6e8bb7c326101977b09897934f75c46f4`
SHA256	`6a82e6a5adf8ec8a4110a331b49cac4f692a0595b0d7b1bc444911084609aafb`
SHA3	`6d0c35d23c3b7708b3b71279c79ff29df196aa9fc940b52fdcda5eacd0aaf36d`
VirtualSize	`0x21758`
VirtualAddress	`0x67000`
SizeOfRawData	`0x21800`
PointerToRawData	`0x58600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.71309`

.reloc

MD5	`177c2da4e713003dad3b95cafa5b3f04`
SHA1	`76084b13ca98a6ba0e98e191db7fd0b993a3856d`
SHA256	`9c745307ba68a35b8409c1b5c260905a6e4b85ecb365253ba797c71cf40fa596`
SHA3	`f8300a0617045ebffdcdbf0f2695b35c2fe013992ea3551433532da20457203f`
VirtualSize	`0x948`
VirtualAddress	`0x89000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x79e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.26444`

Imports

KERNEL32.dll	`GetLastError` `FormatMessageW` `LocalFree` `SetLastError` `CreateHardLinkW` `SetFileTime` `CreateFileW` `CloseHandle` `DeviceIoControl` `RemoveDirectoryW` `DeleteFileW` `GetLongPathNameW` `GetShortPathNameW` `MoveFileW` `GetStdHandle` `WriteFile` `ReadFile` `SetFilePointer` `SetEndOfFile` `FlushFileBuffers` `GetFileType` `CreateDirectoryW` `GetFileAttributesW` `SetFileAttributesW` `GetCurrentProcessId` `FindClose` `FindFirstFileW` `FindNextFileW` `GetVersionExW` `GetFullPathNameW` `FoldStringW` `GetModuleFileNameW` `SetCurrentDirectoryW` `GetCurrentDirectoryW` `GetModuleHandleW` `FindResourceW` `FreeLibrary` `GetProcAddress` `ExpandEnvironmentStringsW` `SetThreadExecutionState` `GetCurrentProcess` `CompareStringW` `AllocConsole` `AttachConsole` `WriteConsoleW` `Sleep` `FreeConsole` `ExitProcess` `GetSystemDirectoryW` `LoadLibraryW` `InitializeCriticalSection` `DeleteCriticalSection` `EnterCriticalSection` `LeaveCriticalSection` `CreateThread` `WaitForSingleObject` `GetProcessAffinityMask` `CreateSemaphoreW` `CreateEventW` `ReleaseSemaphore` `SetThreadPriority` `SetEvent` `ResetEvent` `FileTimeToSystemTime` `SystemTimeToTzSpecificLocalTime` `SystemTimeToFileTime` `GetSystemTime` `WideCharToMultiByte` `MultiByteToWideChar` `GetCPInfo` `IsDBCSLeadByte` `GlobalAlloc` `SizeofResource` `LoadResource` `LockResource` `GlobalLock` `GlobalUnlock` `GlobalFree` `GetDateFormatW` `GetTimeFormatW` `GlobalMemoryStatusEx` `GetLocaleInfoW` `GetNumberFormatW` `GetCommandLineW` `SetEnvironmentVariableW` `GetLocalTime` `GetTickCount` `MoveFileExW` `GetTempPathW` `GetExitCodeProcess` `GetConsoleMode` `GetConsoleOutputCP` `HeapSize` `SetFilePointerEx` `GetStringTypeW` `SetStdHandle` `GetProcessHeap` `LCMapStringW` `InitializeCriticalSectionEx` `RaiseException` `GetSystemInfo` `VirtualProtect` `VirtualQuery` `LoadLibraryExA` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `IsProcessorFeaturePresent` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `WakeAllConditionVariable` `SleepConditionVariableSRW` `IsDebuggerPresent` `GetStartupInfoW` `QueryPerformanceCounter` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlUnwindEx` `RtlPcToFileHeader` `EncodePointer` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `LoadLibraryExW` `QueryPerformanceFrequency` `GetModuleHandleExW` `HeapFree` `HeapAlloc` `HeapReAlloc` `FindFirstFileExW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCommandLineA` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree`
OLEAUT32.dll	`SysAllocString` `SysFreeString`
gdiplus.dll	`GdipFree` `GdipAlloc` `GdipCloneImage` `GdipDisposeImage` `GdipCreateHBITMAPFromBitmap` `GdiplusStartup` `GdiplusShutdown` `GdipCreateBitmapFromStream`
COMCTL32.dll (delay-loaded)	`InitCommonControlsEx`

Delayed Imports

Attributes	`0x1`
Name	`COMCTL32.dll`
ModuleHandle	`0x56190`
DelayImportAddressTable	`0x65090`
DelayImportNameTable	`0x523b8`
BoundDelayImportTable	`0x52cf8`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

201

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3448`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97479`
Detected Filetype	PNG graphic file
MD5	`e2df970031a721c23342a34c725e9a95`
SHA1	`610e9dc252da92291320d1614dc4753213f554bb`
SHA256	`7eae3829507dfcdb3e73f2067bcd39a98b62b8773574e9f12b8eeb63d55e6f3a`
SHA3	`824836446a3859527531d2ca05108b49d4b6bd67aac151948c53b6eadc30aa4e`

202

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa351`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99165`
Detected Filetype	PNG graphic file
MD5	`1c06618419ec4b6b3ed63d96a9d3d7a5`
SHA1	`abcc35aa095108f3d3e7c67531221d897af47d30`
SHA256	`08cb2aa912bb89653819a5325c6510cc8b945dceb57f4db33005aa14025bbdca`
SHA3	`f73669b31a122c7dc704d7b1c911127abf45f9342ff07530b24e77bf1d89e9c6`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50668`
MD5	`96086d41d28f856ca3391836d5b4c2d6`
SHA1	`94080d47e441f5cd429b738df93326537a64600f`
SHA256	`92a5731b8d9633096f106641f8f5a8ebda0f6d3ea51fdccc506540632e23a0a4`
SHA3	`47477dbec9bb8751daadd045377067c46c68115767f6227ed95b8b2668b6d422`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.03536`
MD5	`3cba216d62945819fde4dd30a38a481a`
SHA1	`a98774750991bbbfb7ef1d5a9977f5c5656e1f07`
SHA256	`e8a921644a73112e207a63db1bf897e8b4bd5b42a8b7dc6b5fb9fc38393c5a8f`
SHA3	`982d66ba76fba17a44feee627e5ebe64ca6ef4f7a537d156ffd24eacaeed8492`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.24591`
MD5	`faa5e9d82c0df4731e87c30c969bb71c`
SHA1	`a721da2ac0cd22a8daaf61053e817d33779f17cd`
SHA256	`74f1f57723755661227cbc57b55f37353d95e4660084c4586c9663e99e2383bf`
SHA3	`27e0f4ce478ebe8777b7058e445233cd19c72db680bdb1eddbb5c42f0eeb5c24`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.57239`
MD5	`7db85cadbf5b01c3f0cfd7b6db656d6c`
SHA1	`0fcb33bb1533177350b2b13eeb5d2d16050eccbf`
SHA256	`8179300b99f574a75882a647ef40a5f17889108dc8fc4bff22d2e6d7492f12f6`
SHA3	`5e188ad356fefadc2d481ab7b09d3ef9f128c4dda3cf4b686b536407799fc7cc`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.35851`
MD5	`a8d45c675cc890f075f12d9873609486`
SHA1	`b7dea90f5eed0807294267e677a318f6878299a2`
SHA256	`0f6e739194f9025dff8c62a0d73aa9a376874575a11ed0f70ee7e70bb27f8ec1`
SHA3	`6de4c3a1907eeb90f377b036ab19e2db3618d7986f01f4ec3d1a84d454398d14`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.9392`
MD5	`1831fc37856d558b02a889e32372d89c`
SHA1	`6660901faac31bc68665e50fb8e2597db11bd433`
SHA256	`58d34ea1f4bb30f6bad4135e09372242cf981428384f78f2cb9137044dc898d4`
SHA3	`0560590026b1f15ceaac16ad2dbd3d25cddbf74df268c4833fdfa73f4ca6e816`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc479`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97697`
Detected Filetype	PNG graphic file
MD5	`7cae1fc57e37929264d101c5b4b9aadd`
SHA1	`c7cfea60cfc73b98058228892b369cda8af29557`
SHA256	`eff73f4f26d79b03bbf3230c813227428a638917bc7e66700767531bb84b7861`
SHA3	`1b28c94f7d0ef223568da5c035223d30d26ef4e062aa93f8464dd9be84ae2ede`

LICENSEDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.20214`
MD5	`2fc519e118088c79ead75695913a0942`
SHA1	`8ba15ad12927a164b61e12f11f332db32f1fc324`
SHA256	`b8002f7aca2df76eb0bcd30969fa629ac47d93c1df73561243ef508ce2cdef72`
SHA3	`b0a65e0eb58ddf223baddf97ae115241b4615452398a5595113a7e424587f64a`

RENAMEDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x12e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09135`
MD5	`43b0cc5d14bc75c453a11cb013864a38`
SHA1	`6990aed36ba67f0d6d34a63c3d9fd9dc2487db01`
SHA256	`237fb4fcfacd77cffde8221c92f0726c849afc96cd0bfd833f50b78552f7b22b`
SHA3	`a5ace4978d8258be5a68d7db48bc472ffa5cb949b4bb7c64f35348b5b34bb9e2`

REPLACEFILEDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31634`
MD5	`59053a2d4069a360fc73761849e1318c`
SHA1	`541edef52f27a7178cac477eb3803cb4820d31ae`
SHA256	`19561beb5029c85d95648f15c598b028a4f8a00bc36f452c5428308693ed748e`
SHA3	`a1fea8b8bfc45c410ebcfcc73afd1716c6c2abb2889e8a170e221a7ac702bb59`

STARTDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x37a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.62584`
MD5	`b2c859e5e8b9454e767755494c6b773e`
SHA1	`c3860c81ea3c737a7d87a7b858f6dd98bf7a295a`
SHA256	`b0ee48b93e308c7434f4f88a92d9b934dedbb88abfddfd05239265ec5d608dce`
SHA3	`5187008a084767105a6261eccbae9581508a9a342e2b8444e5691f963a3be32d`

7 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x178`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11482`
MD5	`2ee9ae54e4de4afcd16026d3e8970efa`
SHA1	`4dde762a6933dc6d35a74791ba7ca8f89b9450ff`
SHA256	`ff482b2da9175ce274645f8bc9c2650e6cda79c46fb8ecc194aa95a9799d1f5f`
SHA3	`595c623b535e940219df3d2ae1a3f88e6afcfe87413775255592ff4d7da460ae`

8

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1b4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14988`
MD5	`88acbcb0af6c6f98c8905f5dd5c3216b`
SHA1	`44f458085045f73db94bf36d16c1e80fb654bdae`
SHA256	`51073d8e318a25eb47af44ad4331f44e350d0645aa2066b50d6c700b8f275c3a`
SHA3	`f5fa666715d8d6741a293142b346380200f421323899ba1af04235716d0dd2ba`

9

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x19a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11812`
MD5	`8f26a03e4cc6984a2bf128b42f3b01f0`
SHA1	`11c14f171ba0e47e5db875cc4cb23e507bfb0c50`
SHA256	`9d5dab1ef4badc7e41b23988a91c14f4fce62c05d75a8757e7f165cb4922cc34`
SHA3	`0f6b6ef263de0a0dfc7988081c4a35bc55d89810468938ade2a61e74890d0f9c`

10

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x146`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99727`
MD5	`06aeb5ae44f152010b502d79d78da978`
SHA1	`765389e59fc961fb9782413bccd6218c0ed29c95`
SHA256	`1e87eca343221966ecd9472109f3baf9081c821e3f4e905aa34eb8bce73af4e7`
SHA3	`dda651f9f04eded147d6b4d66801eb000f7f83f5e6161c919beca8e51e7b6f8a`

11

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1fc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.08653`
MD5	`8cfb384b6fe8bcdbfcf661bf4d7baa37`
SHA1	`4318364a6cbee347188ff5ccf6ccb51c25a7e6f6`
SHA256	`d1ad1700fe507e9425bec42aa914b9f20943d04a1db168bdf3a7c9ae4e576c97`
SHA3	`5a39e2d0f914dba26dcde5f2afaaa5bdecae084f51efbe88d09d61c70298e1e9`

12

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86396`
MD5	`cdacfd722673fa2118e7a5973e200771`
SHA1	`48dcedec2c6dbeaa2520b786f455e1876d9cb64b`
SHA256	`607a1d9d84ee47ce45dba818b21e9a0031c393df2331fe2a7feca4be7673f439`
SHA3	`b07ff8e89088900364cdf958e285e30e71206882abadfd63d85839af818de963`

13

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x9a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.59745`
MD5	`09398c31f07168a8fb1a5744b1076346`
SHA1	`ff443e0cd9c0e1c05e427781ef586fadb8b357ac`
SHA256	`c98a7c21143de772344ef2d4a7bc2d2fb7d371e7c2d7d9e9ae25dbf92a042b4a`
SHA3	`3d321cea49774f4167677de8ebcce66feeee0acc42a4a064ec039fdf494f4e16`

15

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.73161`
MD5	`c3b4b25fa9f5f85eb4bfa8ea66c0bbf8`
SHA1	`a552fe444184fc25692eca8ec799d4e7a1011877`
SHA256	`1f680aee0863bea040c4c3e8b89ad65205b384231691cb152f0041138dc3caa1`
SHA3	`e06390cb7ffd10ca5bbb0d3384a3bef67a03bc9e43bda971dd77e7fc8d0f8a54`

16

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80514`
MD5	`3a1b603eaeaa7aca84afab706054807b`
SHA1	`577ba4baf69c0cc5867167174746fc35fb11e8fd`
SHA256	`cfa68e1c4fe3e613725ec1c45a80c2e4855c07e2d4587c8cf46fac05a78c0145`
SHA3	`dc50fd5dad67b49d6067255f83399ab84ccc7adc2476f3b4db2c652fa24c5169`

100

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71858`
Detected Filetype	Icon file
MD5	`fa4e21a753afdaad61d5b71283d61a2b`
SHA1	`1e496326dea2e348f38e1b02d98f65dc36ca7e6c`
SHA256	`69d11c3fcea890e61fabaeaf361100a7371dd3d50ba2f6521e1b3945d1c23bc7`
SHA3	`462f8aaa1672a8adfd58c02207c4d8d0487474b97784923f9f7f190d0ecea3ba`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31439`
MD5	`43225bfc92afd9e50c6c8839b82b3f94`
SHA1	`79481abc057498f634bf348b54b1aafdaeaec8ab`
SHA256	`546a6e1ee895b8c22c54d3ef8a06091e076e1716149fc01dcce70cd81f21eccf`
SHA3	`6b3c33c192ee22d7907c399c023e15f7c8414d6c714657de382cd2b9a2afda9b`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x750`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.26297`
MD5	`a5837488b3661820d02c6d0d17b4e833`
SHA1	`d255d50c49f593c3bca04b311f2ec8c9749d68ae`
SHA256	`ae480a21ef24433601d553113821d44931057af9c927155c807af88e3ae9add1`
SHA3	`30769de83dac2222ad0d2e6deca22c3cf09788599f1f0943a16fbfa42f103140`

String Table contents

Select destination folder
Extracting %s
Skipping %s
Unexpected end of archive
The file "%s" header is corrupt
The archive comment header is corrupt
The archive comment is corrupt
Not enough memory
Unknown method in %s
Cannot open %s
Cannot create %s
Cannot create folder %s
CRC failed in the encrypted file %s. Corrupt file or wrong password.
CRC failed in %s
Packed data CRC failed in %s
Write error in the file %s
Read error
File close error
The required volume is absent
The archive is either in unknown format or damaged
Extracting from %s
Next volume
The archive header is corrupt
Close
Error
Errors encountered while performing the operation
Look at the information window for more details
bytes
modified on
folder is not accessible
Some files could not be created.
You can try to repeat the installation after closing other applications and restarting Windows.
Some installation files are corrupt.
Please download a fresh copy and retry the installation
Copyright © 1993-%d
Extracting files to %s folder
Extracting files to temporary folder
Extract
Extraction progress
Total path and file name length must not exceed %d characters
Pause
Continue
Security warning
Please remove %s from folder %s. It is unsecure to run %s until it is done.

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	7.20.0.0
ProductVersion	7.20.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
ProductName	WinRAR
CompanyName	Alexander Roshal
FileDescription	WinRAR
FileVersion (#2)	7.20.0
ProductVersion (#2)	7.20.0
InternalName	WinRAR
LegalCopyright	Copyright Â© Alexander Roshal 1993-2026
OriginalFilename	WinRAR.exe

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Feb-01 18:16:43
Version	`0.0`
SizeofData	`87`
AddressOfRawData	`0x4dbb8`
PointerToRawData	`0x4c7b8`
Referenced File	D:\Projects\WinRAR\SFX\setup\build\sfxrar64\Release\sfxrar.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Feb-01 18:16:43
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x4dc10`
PointerToRawData	`0x4c810`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Feb-01 18:16:43
Version	`0.0`
SizeofData	`1164`
AddressOfRawData	`0x4dc24`
PointerToRawData	`0x4c824`

TLS Callbacks

StartAddressOfRawData	`0x14004e0f8`
EndAddressOfRawData	`0x14004e100`
AddressOfIndex	`0x1400567cc`
AddressOfCallbacks	`0x140040620`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140055040`
GuardCFCheckFunctionPointer	`5368972536`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

XOR Key	`0x5f07ccd5`
Unmarked objects	`0`
C++ objects (33145)	`157`
ASM objects (33145)	`9`
253 (35207)	`2`
ASM objects (35207)	`10`
C objects (35207)	`17`
C++ objects (35207)	`60`
C objects (33145)	`21`
C objects (CVTCIL) (33145)	`1`
Imports (33145)	`7`
Total imports	`289`
C++ objects (LTCG) (35221)	`46`
Exports (35221)	`1`
Resource objects (35221)	`1`
Linker (35221)	`1`

Errors

Leave a comment

No comments yet.