dcbraiegut_gutbl_setup.exe

BrowserAir (GOOBZO LTD)

The application dcbraiegut_gutbl_setup.exe by BrowserAir (GOOBZO) has been detected as adware by 22 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
BrowserAir (GOOBZO LTD)  (signed and verified)

Version:
2.9.0.999

MD5:
1410df05d3f2dc8e72ac8d170f133d0e

SHA-1:
1781ac65fd7916168d4f0ceab2403662d0780fea

SHA-256:
8d015ad9bcbf74776bd288f18ba963fa65aa66cb09d520659f7dfd61190653c3

Scanner detections:
22 / 68

Status:
Adware

Analysis date:
5/21/2024 4:40:31 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.2580105 | 529
Avira AntiVirus | TR/Agent.2372504 | 8.3.1.6
Arcabit | Trojan.Generic.D275E89 | 1.0.0.425
Baidu Antivirus | Trojan.Win32.Dropper.bjoteo | 4.0.3.15825
Bitdefender | Trojan.GenericKD.2580105 | 1.0.20.1185
Bkav FE | HW32.Packed | 1.3.0.6979
Dr.Web | Trojan.DownLoader15.2151 | 9.0.1.0237
Emsisoft Anti-Malware | Trojan.GenericKD.2580105 | 8.15.08.25.06
Fortinet FortiGate | W32/Agent.BJOTEO!tr | 8/25/2015
F-Secure | Trojan.GenericKD.2580105 | 11.2015-25-08_3
G Data | Trojan.GenericKD.2580105 | 15.8.25
IKARUS anti.virus | Trojan-Dropper.Win32.Agent | t3scan.1.9.5.0
K7 AntiVirus | Riskware | 13.207.16684
Kaspersky | Trojan-Dropper.Win32.Agent.bjoteo | 14.0.0.1529
McAfee | Artemis!1410DF05D3F2 | 5600.6663
MicroWorld eScan | Trojan.GenericKD.2580105 | 16.0.0.711
NANO AntiVirus | Trojan.Win32.Agent.duipta | 0.30.24.2668
nProtect | Trojan.GenericKD.2580105 | 15.07.23.01
Panda Antivirus | Adware/Goobzo | 15.08.25.06
Qihoo 360 Security | HEUR/QVM16.0.Malware.Gen | 1.0.0.1015
Reason Heuristics | PUP.Goobzo.Installer (M) | 15.8.25.6
VIPRE Antivirus | Trojan.Win32.Generic | 42358

File size:
2.3 MB (2,372,504 bytes)

Product version:
2.9.0.999

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\installer\install_31693\dcbraiegut_gutbl_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/10/2015 6:00:00 PM

Valid to:
2/11/2016 5:59:59 PM

Subject:
CN=BrowserAir (GOOBZO LTD), O=BrowserAir (GOOBZO LTD), STREET="Bldg #15 Matam", L=Haifa, S=Haifa, PostalCode=31905, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3B4F9A8B40F303C8AAD1D77B2A2B4674

File PE Metadata
Compilation timestamp:
7/19/2015 1:56:59 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:r2yF6+nAAFzD0F6yF5fDkDwaAGrbF4K9jzxN6g6GMVfv2o47nO1oKUA6lkqVhJtf:/FPM5Lk7AMbhn4g6GMx2F75A6zV3tl3F

Entry address:
0x2C6768

Entry point:
E9, 55, E9, 1C, 00, BC, 7D, 80, 96, A8, AA, D2, D6, BA, 80, 68, 6E, CA, 7D, 80, A7, A8, AA, D6, 6E, 74, CD, EA, EC, 0E, 2A, 80, 27, A8, AA, D5, 55, 05, 23, C3, 8A, 0E, 18, 80, A7, A8, AA, D5, 55, E8, D3, 13, 37, 4D, 70, 80, 27, A8, AA, D5, 4B, D4, DE, 49, E4, 0E, 48, 80, 27, A8, AA, D5, 55, E6, A3, D4, 55, 00, 12, 80, 00, A8, AA, D4, 49, 54, 94, 36, 79, 48, 54, 00, 25, A8, AA, DA, 01, 1E, 64, 68, 78, 4C, 1A, 80, A7, A8, AA, D5, 2D, 9F, 68, 9E, 02, B5, 12, 80, 16, A8, AA, D1, 75, FA, 33, 2E, 84, 0E, 20, 80...

Entropy:
7.8989

Packer / compiler:
Xtreme-Protector v1.05

Code size:
548.5 KB (561,664 bytes)
