gmicrosoft_excel.exe

MD5:
c812124daf71c70b9b0df24fda9b185b

SHA-1:
d263b321b07aeb1c141aa755abed20b44dd1f43a

SHA-256:
76a9a958c373961e2aca35692e6c3ce59abe788ab9bb15fcab392a6e38584ada

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:45:48 PM UTC  (today)

File size:
25.8 KB (26,436 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\programs\gmicrosoft_excel.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
768:CdOKcNIA5RW2gDwkWFX52yzibL4blcmfVLf/9eHdnKCAM+ua:CdBcNIA5R5F4LelXfVLf/9e9nO3ua

Entry point:
3C, 21, 44, 4F, 43, 54, 59, 50, 45, 20, 68, 74, 6D, 6C, 3E, 0A, 3C, 68, 74, 6D, 6C, 20, 63, 6C, 61, 73, 73, 3D, 22, 73, 74, 2D, 6C, 61, 79, 6F, 75, 74, 20, 6C, 73, 2D, 74, 6F, 70, 2D, 6E, 61, 76, 62, 61, 72, 20, 6C, 73, 2D, 62, 6F, 74, 74, 6F, 6D, 2D, 66, 6F, 6F, 74, 65, 72, 20, 73, 68, 6F, 77, 2D, 73, 69, 64, 65, 62, 61, 72, 20, 73, 69, 64, 65, 62, 61, 72, 2D, 6C, 31, 22, 20, 6C, 61, 6E, 67, 3D, 22, 65, 6E, 22, 3E, 0A, 0A, 3C, 68, 65, 61, 64, 3E, 0A, 20, 20, 3C, 6D, 65, 74, 61, 20, 63, 68, 61, 72, 73, 65...
 
[+]

Entropy:
5.6070

The file gmicrosoft_excel.exe has been seen being distributed by the following 15 URLs.

http://3rbup.com/.../dN5Mcqsg=

http://3rbup.com/8519049c50a93910?pt=qXK7DA9Se3PVCaoUhos SNC32VYLiB41ETby4LpT6c0=

http://fs3.3rbup.com/8519049c50a93910?download_token=731b2ebf5d7f5f8e90fc5db20e4949317f41782085c856fa369c130bb19f096d

http://3rbup.com/8519049c50a93910?pt=9LHCU7nQo15Oi45j0pfwujmraOwfihUK26YsgCWex7c=

http://3rbup.com/.../6k2T7DLVtFs85sv7VFjq3fDfUQ4PWvX8=

http://fs3.3rbup.com/8519049c50a93910?download_token=80db3d27df3e185dc708ee6db7e64bbca0453b445c09df8e933a7b49e29edc7a

http://3rbup.com/8519049c50a93910?pt=NABrGg3Z4VqaTHMRRDVdsQb2VVFt9OdATzQvV Rrdkw=

http://3rbup.com/.../wQPGE11Kro2I5S778ysvd8LPnegvMEqYQ=

http://3rbup.com/.../2qsZPQdrFBpzZuI=

http://3rbup.com/8519049c50a93910?pt=elsQvZ17etVbXD4WUYvgtQHLou9j2DkqrpqWhTBsuDo=

Scan gmicrosoft_excel.exe - Powered by Reason Core Security