Does anyone know if these two files are considered malware? I see a lot of things in the behavior tab that seem suspicious (but then again, I have no idea, and am relatively new/dumb).
Here are the images of the VirusTotal results I am referring to:
Also, I did see there was a noticeable slowness to my PC after I extracted the rar files (I was in a VM).
Thank you.
Malware or not, remember to update WinRAR
https://arstechnica.com/security/2025/08/high-severity-winrar-0-day-exploited-for-weeks-by-2-groups/
There are some suspicious things going on like the qcloud and counter-strike domains, as well as the 7zip extract being run.
I would probably get rid of it.
I installed 7zip if that made it appear (not sure if it is the case though). Yeah, I may have to just pay for subscriptions with money I can’t afford :S
I suppose you can probably do most things without the plugins too, just more time intensive.
Unlikely for the rar file itself. The exe seems a little suspicious, so I would scan that file individually. Hard to say without unpacking and examining it.
Should I have scanned the extracted folders rather than the rar file itself? (even though it shows network communications and MITRE signatures?)
I ran an antivirus outside the VM and nothing was detected luckily. (I had already extracted the rar files, but just scanned the rar itself)
Yes, scan the potential malware directly (exe, dll files). Not all scanners support extracting archives.
No, it’s fine, clearly it did extract the rar file and run everything.