home

metasploit-latest-windows-installer.exe

Metasploit

Rapid7 LLC

This is a self-extracting archive and installer. The file has been seen being downloaded from downloads.metasploit.com.
Publisher:
Rapid7  (signed by Rapid7 LLC)

Product:
Metasploit

Version:
1.0.0.0

MD5:
a8a32cb09fea5b6edec760ecf6cf5563

SHA-1:
95dc8648d8fbf781ebeb700c32782d372d5287c0

SHA-256:
3f87bf86763f68dcd9e97a2f6d1afb79279526a0ac274c6b625ba990d4e6d5cc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:07:50 PM UTC  (today)

File size:
185.1 MB (194,106,800 bytes)

Product version:
4.11.2

Copyright:
Copyright Rapid7

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\metasploit-latest-windows-installer.exe

Digital Signature
Signed by:
Rapid7 LLC

Authority:
GlobalSign nv-sa

Valid from:
10/11/2013 6:15:38 PM

Valid to:
10/11/2016 6:15:38 PM

Subject:
CN=Rapid7 LLC, O=Rapid7 LLC, L=Boston, S=Massachusetts, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213213CACDAE24B8FB575CF233871142FC

File PE Metadata
Compilation timestamp:
5/15/2014 1:03:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
3145728:FR6ZsZbFo4OWdCCd9rkz+PJmM8XI78WyuHzsDYua8XgqOPoZ8kwnAW:KZsZZo4OAD3kSPkMgNcyYubOPoW

Entry address:
0x2C13E0

Entry point:
60, BE, 15, 60, 5E, 00, 8D, BE, EB, AF, E1, FF, C7, 87, A8, B4, 27, 00, F7, 72, 86, AF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 06, F4, 2B, 00, 57, 83, C3, 04, 53, 68, C8, B3, 0D, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Entropy:
8.0000  (probably packed)

Code size:
884 KB (905,216 bytes)

The file metasploit-latest-windows-installer.exe has been seen being distributed by the following URL.

http://downloads.metasploit.com/data/.../metasploit-latest-windows-installer.exe

Scan metasploit-latest-windows-installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.