home

gbiehbes.dll

Banco do Estado de Sergipe - BANESE Gbieh

BANCO DO ESTADO DE SERGIPE S/A

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘G-Buster Browser Defense BANESE’.
Publisher:
Banco do Estado de Sergipe - BANESE  (signed by BANCO DO ESTADO DE SERGIPE S/A)

Product:
Banco do Estado de Sergipe - BANESE Gbieh

Description:
Gbieh Module

Version:
4,1,2,29

MD5:
6384e596697b5874e54f3e61c021e0e2

SHA-1:
57aac5e151d1d50a0528a2f59956f91fec0cc78e

SHA-256:
4ee9de96644a020847a085eee5a96d8b3b238032296fefb8d1593997846d1919

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 6:56:53 PM UTC  (today)

File size:
1.3 MB (1,350,776 bytes)

Product version:
4,1,2,29

Copyright:
Copyright © 2003-2012, Banco do Estado de Sergipe - BANESE

Trademarks:
Banco do Estado de Sergipe - BANESE, Gbieh

Original file name:
Gbieh.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\gbplugin\gbiehbes.dll

Digital Signature
Signed by:
BANCO DO ESTADO DE SERGIPE S/A

Authority:
VeriSign, Inc.

Valid from:
5/1/2013 9:00:00 PM

Valid to:
5/2/2014 8:59:59 PM

Subject:
CN=BANCO DO ESTADO DE SERGIPE S/A, OU=ARSET, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BANCO DO ESTADO DE SERGIPE S/A, L=ARACAJU, S=SERGIPE, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
70019003F909804085F79337A58BFDD6

File PE Metadata
Compilation timestamp:
5/10/2013 4:59:39 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:HpRBusGqJdzYrq2qJ21CeMdOH05bKiYgDgeE2eavF9VYTs0BZCiu3ZpbFD41f:HTksJdzKxqJ2keEO0qXeXvdB0B0/bFc9

Entry address:
0x332FB8

Entry point:
52, 9C, 9C, 9C, C7, 44, 24, 0C, 63, E1, 35, 7B, C6, 04, 24, 80, E9, D2, 6E, 01, 00, 00, 00, 43, 6F, 49, 6E, 69, 74, 69, 61, 6C, 69, 7A, 65, 00, 00, 00, 4C, 6F, 63, 61, 6C, 46, 69, 6C, 65, 54, 69, 6D, 65, 54, 6F, 46, 69, 6C, 65, 54, 69, 6D, 65, 00, 00, 00, 47, 65, 74, 43, 75, 72, 72, 65, 6E, 74, 54, 68, 72, 65, 61, 64, 00, 8D, 64, 24, 1C, 0F, 84, 40, 10, 01, 00, E9, 20, 61, F0, FF, E9, 67, DD, FF, FF, 00, 00, 47, 65, 74, 4C, 6F, 6E, 67, 50, 61, 74, 68, 4E, 61, 6D, 65, 41, 00, 00, 00, 4C, 6F, 6F, 6B, 75, 70...
 
[+]

Code size:
1.4 MB (1,423,872 bytes)

Approved Shell Extension
Name:
GbPlugin ShlObj

CLSID:
{E37CB5F0-51F5-4395-A808-5FA49E399027}

CLSID name:
GbPluginObj Class


Internet Explorer BHO
Display name:
G-Buster Browser Defense BANESE

CLSID:
{C41A1C0E-EA6C-11D4-B1B8-444553540027}

CLSID name:
GbIehObj Class


Shell Execute Hook
Name:
{E37CB5F0-51F5-4395-A808-5FA49E399027}


Startup Files Notify
Name:
GbPluginBes


Scan gbiehbes.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.