Inspection of mpengine.dll revealed that the code responsible for processing RAR archives appears to be a forked and modified version of the original unrar code and has a vulnerability that has since been patched in newer versions of unrar.
MD5 | 1d20cff34936c67b825e496b10f33391
