template_x86_windows.exe

Rapid7 LLC

The executable template_x86_windows.exe has been detected as malware by 9 anti-virus scanners.
Publisher:
Rapid7 LLC  (signed and verified)

MD5:
e84df3944bd2b073bbb88f8e89385398

SHA-1:
98d4ae001b54f2a513ce2818ea1287b3bf66b0ee

SHA-256:
ebee8a767921e06c7a9e4dfc660bf5e26b704a35947e38206f20624dc4cf35c6

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
1/1/2025 10:21:03 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| Comodo Security | UnclassifiedMalware | 23530 |
| Dr.Web | Trojan.Click2.7704 | 9.0.1.023 |
| IKARUS anti.virus | Trojan.Win32.Genome | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.212.17751 |
| Panda Antivirus | Trj/Genetic.gen | 16.01.23.02 |
| Vba32 AntiVirus | Trojan.Genome.aa | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45002 |
| Zillya! Antivirus | Trojan.Agent.Win32.281656 | 2.0.0.2493 |

File size:
13.3 KB (13,616 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\niet\apps\pro\data\exe_templates\pro\template_x86_windows.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
11/29/2010 7:44:15 PM

Valid to:
11/29/2011 7:44:15 PM

Subject:
CN=Rapid7 LLC, OU=Metasploit, O=Rapid7 LLC, L=Boston, S=MA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B323EEBBACEDD

File PE Metadata
Compilation timestamp:
11/30/2010 6:40:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
48:qIDszp+pkRhnUxpnit2Vww2yduVdkVrmbZQynit2YimFDx+lYqzigqVPS/W4Bqbc:pa24UDmBVNZ5xmFDxCkFWBqb5zG6BC

Entry address:
0x10D0

Entry point:
55, 8B, EC, 83, EC, 08, 6A, 00, E8, 23, FF, FF, FF, 83, C4, 04, 89, 45, F8, 83, 7D, F8, 00, 75, 04, 33, C0, EB, 0E, 8B, 45, F8, 89, 45, FC, FF, 55, FC, B8, 01, 00, 00, 00, 8B, E5, 5D, C2, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
512 Bytes (512 bytes)
