Gbieh.dll

Banco do Brasil Gbieh

Banco do Brasil S.A.

Publisher:
Banco do Brasil  (signed by Banco do Brasil S.A.)

Product:
Banco do Brasil Gbieh

Description:
Gbieh Module

Version:
3.8.2.24

MD5:
1d5fa9fd81d9e4bbd075dc83fd57bbe9

SHA-1:
8ced2a34654b408bf9825e8f35b7b4f4f32ebef3

SHA-256:
faba16b864d821303601b1f272880dba48da1215738b5074f6aef293487c0e5a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/25/2024 2:44:02 PM UTC

Scan engine
Detection
Engine version

Agnitum Outpost
TrojanSpy.Banker
7.1.1

File size:
264.8 KB (271,152 bytes)

Product version:
3.8.2.24

Copyright:
Copyright © 2003-2009, Banco do Brasil

Trademarks:
Bb, Gbieh

Original file name:
Gbieh.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\gbplugin\gbieh.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/1/2008 9:00:00 PM

Valid to:
10/2/2011 8:59:59 PM

Subject:
CN=Banco do Brasil S.A., OU=Diretoria de Tecnologia, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Banco do Brasil S.A., L=Brasilia, S=Distrito Federal, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5C76152BFFECF8B55B3FB4B15DED1A3A

Registration
CLSIDs:
{C41A1C0E-EA6C-11D4-B1B8-444553540000}, {E37CB5F0-51F5-4395-A808-5FA49E399F83}

ProgIDs:
Gbieh.GbIehObj.1, Gbieh.GbPluginObj.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
3/18/2009 6:19:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:vpBXK2svmRDq2gyUO2JPNPxkCFHXI71okePzihS0qAd1bM5ZyNFjsvN8Q5suU+rM:vHX2ntXNPxHXa/uzYQ5Z+GGQV+PthJ

Entry address:
0xD2CA3

Entry point:
B8, B4, 38, 0D, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 00, 00, 08, E1, 48, 01, E9, 30, F7, 07, 0A, 55, 8B, EC, 72, 83, 75, 34, 3C, 45, 08, 39, 48, F9, 38, 65, F0, 67, 08, F8, 00, 33, D2, 42, 53, 07, 56, 8B, 70, 0C, 57, 41, DA, D3, E3, 9E, 30, 04, F8, 7D, 79, FA, 01, E7, 89, 45, D4, 03, C8, B8, C3, A6, 68, F8, E0, 3F, 4B, 4F, 06, 75, EC, 05, 36, 81, 1C, C6, 45, 0B, 3E, 1F, 5D, D0, CE, 7D, CC, C6, 55, E8, 06, 40, E0, E4, 80...

Packer / compiler:
PECompact v2

Code size:
556 KB (569,344 bytes)

Approved Shell Extension
Name:
GbPlugin ShlObj

CLSID:
{E37CB5F0-51F5-4395-A808-5FA49E399F83}

CLSID name:
GbPluginObj Class

