home

microsoft excel 2007.exe

2007 Microsoft Office system

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable microsoft excel 2007.exe, “Microsoft Office Excel” has been detected as malware by 14 anti-virus scanners. The file has been seen being downloaded from dla.uloz.to and multiple other hosts.
Publisher:
Microsoft Corporation*  (Invalid match)

Product:
2007 Microsoft Office system

Description:
Microsoft Office Excel

Version:
12.0.4518.1014

MD5:
70361eeff66da73d88fb6a424b3a42c8

SHA-1:
ecd08a0578518d2888c667d95444312e52bc4cc8

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
5/5/2024 1:39:36 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent2
7.1.1

Avira AntiVirus
TR/Agent2.cvzo
7.11.171.178

AVG
Collected_c
2015.0.3344

Baidu Antivirus
Trojan.Win32.Agent
4.0.3.14921

Bkav FE
W32.Clod882.Trojan
1.3.0.4959

Comodo Security
TrojWare.Win32.Agent.wdr
19481

IKARUS anti.virus
Trojan.Win32.Agent
t3scan.1.7.8.0

K7 AntiVirus
Riskware
13.183.13345

NANO AntiVirus
Trojan.Win32.Agent2.nszzr
0.28.2.61942

nProtect
Trojan/W32.Agent2.39247
14.09.11.01

Quick Heal
Trojan.Agent.r3
9.14.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.152E3301!355349249
23.00.65.14919

ViRobot
Backdoor.Win32.Poison.53248.O
2011.4.7.4223

Zillya! Antivirus
Trojan.Agent2.Win32.10763
2.0.0.1917

File size:
38.3 KB (39,247 bytes)

Product version:
12.0.4518.1014

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
Excel.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\microsoft word 2007\el_doctor.portable.microsoft.office.2007.pro.word.excel only.fonekat.net\microsoft excel 2007.exe

File PE Metadata
Compilation timestamp:
10/27/2006 3:04:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
768:0moD5mXjF0JbuG02G1tR98GUQXhzrNI2+isG:0uXjFsu97KvQR6xisG

Entry address:
0x1A83

Entry point:
9C, 60, 68, 53, 74, 41, 6C, 68, 54, 68, 49, 6E, E8, 00, 00, 00, 00, 58, BB, 94, 1A, 00, 00, 2B, C3, 50, 68, 00, 00, 00, 30, 68, 00, 28, 00, 00, 68, C8, 00, 00, 00, E8, 2C, FF, FF, FF, E9, 90, FF, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, C4, F4, FC, 53, 57, 56, 8B, 75, 08, 8B, 7D, 0C, C7, 45, FC, 08, 00, 00, 00, 33, DB, BA, 00, 00, 00, 80, 43, 33, C0, E8, 19, 01, 00, 00, 73, 0E, 8B, 4D, F8, E8, 27, 01, 00, 00, 02, 45, F7, AA, EB, E9, E8, 04, 01, 00, 00, 0F, 82, 96, 00, 00, 00, E8, F9...
 
[+]

Entropy:
5.3705

Code size:
6.5 KB (6,656 bytes)

The file microsoft excel 2007.exe has been seen being distributed by the following 2 URLs.

http://dla.uloz.to/Ps;Hs;fid=79838014;cid=1630192500;rid=599030198;up=0;uip=95.102.215.60;tm=1468566073;ut=f;aff=ulozto.sk;did=ulozto-sk;He;ch=70a2da293297d38a862e84b5852eba05;Pe/.../microsoft-excel-2007-exe?bD&c=1630192500&De

http://dl.s5.uloz.to/Ps;Hs;fid=2821751;cid=867947276;rid=1567786997;up=0;uid=guest;uip=89.190.52.81;tm=1321307729;ut=f;aff=uloz.to;He;ch=7a4b3c53a2251294af52c3b42d2ab17c;cpnb=29701;cput=mjsv;cptm=1321138529;Pe/.../microsoft-excel-2007.exe

Remove microsoft excel 2007.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.