home

ext_server_priv.dll

MD5:
2be9f602f288c75e0dbc52670d6610fb

SHA-1:
dc0dc471c4b46774cf6db04a748b5969d6f598d5

SHA-256:
38a1e6f393de40c2134efa7f1e74f0a7bbe74e042f0d96ffa8ec2f91932f0bef

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 12:09:11 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
SPR/Hacktool.PWDMP
7.11.47.138

Comodo Security
UnclassifiedMalware
13971

McAfee
PWCrack-Pwdump
5600.7179

Norman
W32/Suspicious_Gen2.QQQJV
11.20140327

Panda Antivirus
Generic Malware
14.03.27.11

File size:
68 KB (69,632 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\metasploit\framework3\framework\data\meterpreter\ext_server_priv.dll

File PE Metadata
Compilation timestamp:
9/13/2006 8:38:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:0SSrC1sVpPYZXT/rBItktj1DB67X/g2zTT0XhBsyKmMNIyXqHmdvlArVtFtCJsaX:0osq/uL7/g2zTT0XoyKmMx9lABtssa

Entry address:
0x3863

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, F0, F4, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 0C, 0C, 01, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, E7, FE, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, AD, F2, FF, FF, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, C3, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, B2, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
4.9526

Developed / compiled with:
Microsoft Visual C++

Code size:
36 KB (36,864 bytes)

Scan ext_server_priv.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.