metasploit-latest-windows-installer.exe

Metasploit

Rapid7 LLC

This is a self-extracting archive and installer. The file has been seen being downloaded from downloads.metasploit.com.
Publisher:
Rapid7  (signed by Rapid7 LLC)

Product:
Metasploit

Version:
1.0.0.0

MD5:
4d748f476c3ee20804e6d88ac9ef5686

SHA-1:
84282499af0cca187fd9c9ddf131b506b9ee6cc4

SHA-256:
d091b6050bcfba0f043267e0bbc71589e2baeadb21f828de157312207a2548ea

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 6:39:05 AM UTC  (today)

File size:
184.8 MB (193,795,800 bytes)

Product version:
4.11.1

Copyright:
Copyright Rapid7

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\metasploit-latest-windows-installer.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
10/11/2013 11:15:38 AM

Valid to:
10/11/2016 11:15:38 AM

Subject:
CN=Rapid7 LLC, O=Rapid7 LLC, L=Boston, S=Massachusetts, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213213CACDAE24B8FB575CF233871142FC

File PE Metadata
Compilation timestamp:
5/14/2014 6:03:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
3145728:MEhZp+/DYZbSwiVf8KY7ntmkXMsiC1jaNyPCCXlxW7xnEvPZQ9U3qOPoZ8kPfINs:9herYZO5n2t9mC1jaNyPrXlw7xnEXZ2L

Entry address:
0x2C13E0

Entry point:
60, BE, 15, 60, 5E, 00, 8D, BE, EB, AF, E1, FF, C7, 87, A8, B4, 27, 00, F7, 72, 86, AF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 06, F4, 2B, 00, 57, 83, C3, 04, 53, 68, C8, B3, 0D, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Entropy:
8.0000  (probably packed)

Code size:
884 KB (905,216 bytes)

The file metasploit-latest-windows-installer.exe has been seen being distributed by the following URL.

Scan metasploit-latest-windows-installer.exe - Powered by Reason Core Security