Extracted

Extracted

• ecf95c18be56232d087213191dc8e0713aaff7c29dcf49c8129f0bc33627f568

  .exe windows x86

  9fc2d3b8d1032c25ebeeb29a8f8970c9

  
  

  Code Sign

  03:01

  Certificate

  Issuer

  OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

  Not Before

  16/11/2006, 01:54

  Not After

  16/11/2026, 01:54

  Subject

  SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2b:32:3e:eb:ba:ce:dd

  Certificate

  Issuer

  SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

  Not Before

  29/11/2010, 18:44

  Not After

  29/11/2011, 18:44

  Subject

  CN=Rapid7 LLC,OU=Metasploit,O=Rapid7 LLC,L=Boston,ST=MA,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  e3:f6:50:fd:69:3d:8c:5a:80:cb:01:ba:62:f6:5e:58:86:ba:a9:e2

  Signer

  Actual PE Digest

  e3:f6:50:fd:69:3d:8c:5a:80:cb:01:ba:62:f6:5e:58:86:ba:a9:e2

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Rapid7 LLC,OU=Metasploit,O=Rapid7 LLC,L=Boston,ST=MA,C=US

  01/12/2022, 14:35

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  ReadFile

  SetFilePointer

  VirtualAlloc

  CreateFileA

  GetModuleFileNameA

  CloseHandle

  Sections

  .text

  Size: 512B - Virtual size: 257B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 206B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ