» bbsvc.exe
Overview
Analysis
File Details
Behaviors (1)

bbsvc.exe

Better Brain Client Service

BETTERBRAIN

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application bbsvc.exe by BETTERBRAIN has been detected as adware by 18 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Better Brain 1.10.0.2 Client Service”.

File name:

bbsvc.exe

Publisher:

Better Brain (signed by BETTERBRAIN)

Product:

Better Brain Client Service

Version:

1.10.0.2

MD5:

082eb20c3f2ce3acfb4ce0a1d55bcb62

SHA-1:

6c3dc9eaf7f406d89f78e0af9435961b5f5d778e

SHA-256:

e728bdd89ab3610a713cddd0edbd62cfa5b9080a34769fa01c48a743098fcc1c

Scanner detections:

18 / 68

Status:

Adware

Analysis date:

5/7/2024 6:15:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Vitruvian.B

794

Agnitum Outpost

PUA.Vitruvian

7.1.1

AVG

Snacks

2015.0.3272

Baidu Antivirus

Adware.Win32.Vitruvian

4.0.3.14122

Bitdefender

Adware.Vitruvian.B

1.0.20.1680

Comodo Security

ApplicUnwnt

20073

Emsisoft Anti-Malware

Adware.Vitruvian

8.14.12.02.07

ESET NOD32

Win32/AdWare.Vitruvian (variant)

8.10696

Fortinet FortiGate

Riskware/Vitruvian

12/2/2014

F-Secure

Adware.Vitruvian.B

11.2014-02-12_3

G Data

Adware.Vitruvian

14.12.24

IKARUS anti.virus

PUA.Vitruvian

t3scan.1.8.3.0

MicroWorld eScan

Adware.Vitruvian.B

15.0.0.1008

nProtect

Adware.Vitruvian.B

14.11.13.01

Reason Heuristics

PUP.Service.BETTERBRAIN.F

14.11.20.9

Sophos

Generic PUA KJ

4.98

Trend Micro House Call

Suspicious_GEN.F47V1015

7.2.336

VIPRE Antivirus

InfoAtoms

34640

File size:

271.1 KB (277,584 bytes)

Product version:

1.10.0.2

Original file name:

bbsvc.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\betterbrain_1.10.0.2\service\bbsvc.exe

Digital Signature

Signed by:

BETTERBRAIN

Authority:

GlobalSign nv-sa

Valid from:

9/3/2014 3:15:03 PM

Valid to:

9/3/2016 3:15:03 PM

Subject:

E=support@betterbrainapp.com, CN=BETTERBRAIN, O=BETTERBRAIN, L=Dover, S=DE, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11217924DDD48F0F11FE570A7383DB34E9EF

File PE Metadata

Compilation timestamp:

10/30/2014 4:41:40 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

3072:rvaVMqZZfC6iUUNolkZxjW4FgF5NgeCyW5hd+4lUpzFSrOx+Y1hqACTBfSc7eoax:rAvvZdkGMF7le94rOxBkACTBKaBZxb1

Entry address:

0x21158

Entry point:

E8, 69, 56, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 83, E9, 01, 74, 2B, 84, C0, 74, 2F, F7, C6, 03, 00, 00, 00, 75, E5, 8B, D9, C1, E9, 02, 75, 61, 83, E3, 03, 74, 13, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 84, C0, 74, 37, 83, EB, 01, 75, ED, 8B, 44... 
[+]

Entropy:

6.3154

Code size:

180.5 KB (184,832 bytes)

Service

Display name:

Better Brain 1.10.0.2 Client Service

Service name:

bbsvc_1.10.0.2

Description:

This service enables Better Brain 1.10.0.2 on HTTP websites

Type:

Win32OwnProcess

Remove bbsvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.