home

template_x86_windows.exe

Rapid7 LLC

The executable template_x86_windows.exe has been detected as malware by 9 anti-virus scanners.
Publisher:
Rapid7 LLC  (signed and verified)

MD5:
e84df3944bd2b073bbb88f8e89385398

SHA-1:
98d4ae001b54f2a513ce2818ea1287b3bf66b0ee

SHA-256:
ebee8a767921e06c7a9e4dfc660bf5e26b704a35947e38206f20624dc4cf35c6

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
7/1/2025 11:32:26 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent
7.1.1

Comodo Security
UnclassifiedMalware
23530

Dr.Web
Trojan.Click2.7704
9.0.1.023

IKARUS anti.virus
Trojan.Win32.Genome
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.212.17751

Panda Antivirus
Trj/Genetic.gen
16.01.23.02

Vba32 AntiVirus
Trojan.Genome.aa
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
45002

Zillya! Antivirus
Trojan.Agent.Win32.281656
2.0.0.2493

File size:
13.3 KB (13,616 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\niet\apps\pro\data\exe_templates\pro\template_x86_windows.exe

Digital Signature
Signed by:
Rapid7 LLC

Authority:
GoDaddy.com, Inc.

Valid from:
11/29/2010 7:44:15 PM

Valid to:
11/29/2011 7:44:15 PM

Subject:
CN=Rapid7 LLC, OU=Metasploit, O=Rapid7 LLC, L=Boston, S=MA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B323EEBBACEDD

File PE Metadata
Compilation timestamp:
11/30/2010 6:40:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
48:qIDszp+pkRhnUxpnit2Vww2yduVdkVrmbZQynit2YimFDx+lYqzigqVPS/W4Bqbc:pa24UDmBVNZ5xmFDxCkFWBqb5zG6BC

Entry address:
0x10D0

Entry point:
55, 8B, EC, 83, EC, 08, 6A, 00, E8, 23, FF, FF, FF, 83, C4, 04, 89, 45, F8, 83, 7D, F8, 00, 75, 04, 33, C0, EB, 0E, 8B, 45, F8, 89, 45, FC, FF, 55, FC, B8, 01, 00, 00, 00, 8B, E5, 5D, C2, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
512 Bytes (512 bytes)

Remove template_x86_windows.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.