» gmicrosoft_excel.exe
Overview
Analysis
File Details
Downloads (15)

gmicrosoft_excel.exe

File name:

MD5:

c812124daf71c70b9b0df24fda9b185b

SHA-1:

d263b321b07aeb1c141aa755abed20b44dd1f43a

SHA-256:

76a9a958c373961e2aca35692e6c3ce59abe788ab9bb15fcab392a6e38584ada

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/5/2024 8:18:59 PM UTC (today)

File size:

25.8 KB (26,436 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\Documents and Settings\{user}\My documents\downloads\programs\gmicrosoft_excel.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

768:CdOKcNIA5RW2gDwkWFX52yzibL4blcmfVLf/9eHdnKCAM+ua:CdBcNIA5R5F4LelXfVLf/9e9nO3ua

Entry point:

3C, 21, 44, 4F, 43, 54, 59, 50, 45, 20, 68, 74, 6D, 6C, 3E, 0A, 3C, 68, 74, 6D, 6C, 20, 63, 6C, 61, 73, 73, 3D, 22, 73, 74, 2D, 6C, 61, 79, 6F, 75, 74, 20, 6C, 73, 2D, 74, 6F, 70, 2D, 6E, 61, 76, 62, 61, 72, 20, 6C, 73, 2D, 62, 6F, 74, 74, 6F, 6D, 2D, 66, 6F, 6F, 74, 65, 72, 20, 73, 68, 6F, 77, 2D, 73, 69, 64, 65, 62, 61, 72, 20, 73, 69, 64, 65, 62, 61, 72, 2D, 6C, 31, 22, 20, 6C, 61, 6E, 67, 3D, 22, 65, 6E, 22, 3E, 0A, 0A, 3C, 68, 65, 61, 64, 3E, 0A, 20, 20, 3C, 6D, 65, 74, 61, 20, 63, 68, 61, 72, 73, 65... 
[+]

Entropy:

5.6070

The file gmicrosoft_excel.exe has been seen being distributed by the following 15 URLs.

http://3rbup.com/.../dN5Mcqsg=

http://3rbup.com/8519049c50a93910?pt=qXK7DA9Se3PVCaoUhos SNC32VYLiB41ETby4LpT6c0=

http://fs3.3rbup.com/8519049c50a93910?download_token=731b2ebf5d7f5f8e90fc5db20e4949317f41782085c856fa369c130bb19f096d

http://3rbup.com/8519049c50a93910?pt=9LHCU7nQo15Oi45j0pfwujmraOwfihUK26YsgCWex7c=

http://3rbup.com/.../6k2T7DLVtFs85sv7VFjq3fDfUQ4PWvX8=

http://fs3.3rbup.com/8519049c50a93910?download_token=80db3d27df3e185dc708ee6db7e64bbca0453b445c09df8e933a7b49e29edc7a

http://3rbup.com/8519049c50a93910?pt=NABrGg3Z4VqaTHMRRDVdsQb2VVFt9OdATzQvV Rrdkw=

http://3rbup.com/.../wQPGE11Kro2I5S778ysvd8LPnegvMEqYQ=

http://3rbup.com/.../2qsZPQdrFBpzZuI=

http://3rbup.com/8519049c50a93910?pt=elsQvZ17etVbXD4WUYvgtQHLou9j2DkqrpqWhTBsuDo=

http://www.newclearchuckle.com/c?x=/vL/A8YcP1a/HLJcierWbnwnWAjdVG4OrMnUpVxnsHQ=&c=w1qnpt3ipXyXej bSSH4Sb5b4viX3Dk tUP1MEBRSFcQHxGxmDnHiY504JxkuNWke/GwWdXjSAcph9VOSAXwH426fGAkUHuZvNWT4OyhyJGG79mT6Y2IHcZVHQ/6uih f1EjvZJADTQAtBTCAwgPNw==&e=0&downloadAs=microsoft_excel.exe&fallback_url=http://microsoft_excel.ar.downloadastro.com/.../?utm_source=ira&utm_medium=error_generating&utm_campaign=microsoft_excel

http://3rbup.com/.../NmbSIq HuOQAboOTebNu6npclMncu V48=

http://3rbup.com/.../q45Zs cqRHEK6W0NTzaVs7y71SkLVXhURmINhY=

http://3rbup.com/8519049c50a93910?pt=cvPfTm8w9mH41KUzqT3wybmRtOn3axmWj26RDlEOCh0=

http://3rbup.com/.../PkGbVOw=

Scan gmicrosoft_excel.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.