home

excelinvoice.exe

Installer

PayPal, Inc.

Publisher:
eBay, Inc.  (signed by PayPal, Inc.)

Product:
Installer

Version:
1.0.0.0

MD5:
55fb3d68a1fd0757d89c5fa2c6661b85

SHA-1:
2b4bfb708d90d8d1c02ecfe4276c70a53aa0db62

SHA-256:
1a23e3405ffc94aa232dbf25b1f78447627e825cd0498360ec74905f7d313a6c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 9:21:56 AM UTC  (today)

File size:
35.8 KB (36,648 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © eBay, Inc. 2012

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\excelinvoice.exe

Digital Signature
Signed by:
PayPal, Inc.

Authority:
Symantec Corporation

Valid from:
5/13/2014 5:00:00 PM

Valid to:
5/22/2016 4:59:59 PM

Subject:
CN="PayPal, Inc.", OU=Client Support, O="PayPal, Inc.", L=San Jose, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
03025CCC41CD0A025EF95AD47C590E25

File PE Metadata
Compilation timestamp:
5/14/2016 3:53:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:8Q0sM2nYyQxx6j+bnz6WIh0eg4Akj6VES0Sp4j:LGC8z9nzzIhHzk4j

Entry address:
0x97CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00...
 
[+]

Entropy:
6.6275

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
30 KB (30,720 bytes)

The file excelinvoice.exe has been seen being distributed by the following URL.

https://www.paypal-invoicing.com/excelinvoicing-1.0/app/.../installer

Scan excelinvoice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.