home

metasploit-latest-windows-installer.exe

Metasploit

Rapid7 LLC

This is a self-extracting archive and installer. The file has been seen being downloaded from downloads.metasploit.com.
Publisher:
Rapid7  (signed by Rapid7 LLC)

Product:
Metasploit

Version:
1.0.0.0

MD5:
77ab99182adc68138e68f6a30efc5513

SHA-1:
dd3602640217a8ffd9ec36268eaf46c66260bd41

SHA-256:
b2427f072ed68b843a1f04e0905731889ae376aed44e74b51e2121398427cc95

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 3:42:23 PM UTC  (today)

File size:
188.9 MB (198,067,872 bytes)

Product version:
4.11.5

Copyright:
Copyright Rapid7

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\metasploit-latest-windows-installer.exe

Digital Signature
Signed by:
Rapid7 LLC

Authority:
GlobalSign nv-sa

Valid from:
10/11/2013 11:15:38 AM

Valid to:
10/11/2016 11:15:38 AM

Subject:
CN=Rapid7 LLC, O=Rapid7 LLC, L=Boston, S=Massachusetts, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213213CACDAE24B8FB575CF233871142FC

File PE Metadata
Compilation timestamp:
5/14/2014 6:03:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
3145728:+btyhhqLZbcYsvuCOnO/v0jekRyAW0ccDMTrPeH0F1fj0yDqOPoZ8knkdszYA6:+bSUZIYsmTKv0KkhTWrPeCf1OOPomezk

Entry address:
0x2C13E0

Entry point:
60, BE, 15, 60, 5E, 00, 8D, BE, EB, AF, E1, FF, C7, 87, A8, B4, 27, 00, F7, 72, 86, AF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 06, F4, 2B, 00, 57, 83, C3, 04, 53, 68, C8, B3, 0D, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Entropy:
8.0000  (probably packed)

Code size:
884 KB (905,216 bytes)

The file metasploit-latest-windows-installer.exe has been seen being distributed by the following URL.

http://downloads.metasploit.com/data/.../metasploit-latest-windows-installer.exe

Scan metasploit-latest-windows-installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.