home

gbiehbmb.dll

Banco Mercantil do Brasil Gbieh

Banco Mercantil do Brasil S.A.

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘G-Buster Browser Defense BMB’.
Publisher:
Banco Mercantil do Brasil  (signed by Banco Mercantil do Brasil S.A.)

Product:
Banco Mercantil do Brasil Gbieh

Description:
Gbieh Module

Version:
4,1,2,10

MD5:
dad4ff31a1066fe41cc076bd9b5ec2be

SHA-1:
4626e7d66bf1c5586003a78d91b0ac3ab59b0a08

SHA-256:
13292b6b018e5298895f8840475bf3fe7387bcd6bce031a39e1be16918842d4a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 12:03:49 PM UTC  (today)

File size:
1.3 MB (1,357,488 bytes)

Product version:
4,1,2,10

Copyright:
Copyright © 2003-2012, Banco Mercantil do Brasil

Trademarks:
Banco Mercantil do Brasil, Gbieh

Original file name:
Gbieh.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Brazilian Portuguese

Common path:
C:\windows\downloaded Program Files\gbiehbmb.dll

Digital Signature
Signed by:
Banco Mercantil do Brasil S.A.

Authority:
Thawte, Inc.

Valid from:
5/10/2011 9:00:00 PM

Valid to:
6/9/2013 8:59:59 PM

Subject:
CN=Banco Mercantil do Brasil S.A., OU=GSI, O=Banco Mercantil do Brasil S.A., L=Belo Horizonte, S=Minas Gerais, C=BR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
21E605957E540BDE81436C92AD46D1CD

Registration
CLSIDs:
{C41A1C0E-EA6C-11D4-B1B8-444553540001}, {E37CB5F0-51F5-4395-A808-5FA49E399001}

ProgIDs:
GbiehBmb.GbIehObj.1, GbiehBmb.GbPluginObj.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
3/21/2013 4:53:02 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:lYzdAmp5Bj/MsZI5rrp8fP0C8fvXmvmdrUqhqyprnYHmTo3dKdDHsWsxMNNm:ladAABcrrpYJjvODqIrnYio8xvNNm

Entry address:
0x349552

Entry point:
E8, 20, 02, 00, 00, D0, C0, F8, 66, 0F, A3, E8, F6, D0, 9C, C0, C8, 02, E9, 8D, 22, 00, 00, 00, 00, 46, 69, 6E, 64, 46, 69, 72, 73, 74, 46, 69, 6C, 65, 41, 00, 00, 00, 47, 65, 74, 57, 69, 6E, 64, 6F, 77, 4C, 6F, 6E, 67, 41, 00, 00, 00, 4C, 6F, 63, 61, 6C, 46, 72, 65, 65, 00, 68, 54, CE, 6D, C1, 52, E9, 68, 36, 00, 00, C0, C8, 02, F5, F9, 38, DA, 3A, 07, 0F, 90, C0, 9F, 9F, 68, 1F, 07, B2, C3, 8D, 7F, 01, 98, 8D, 83, 02, A3, 87, 1B, 66, 0F, C8, 9F, 8B, 44, 24, 44, FF, 34, 24, 9C, 8D, 64, 24, 50, 0F, 87, CE...
 
[+]

Code size:
1.4 MB (1,424,896 bytes)

ActiveX Install
Name:
{E37CB5F0-51F5-4395-A808-5FA49E399001}


Approved Shell Extension
Name:
GbPlugin ShlObj

CLSID:
{E37CB5F0-51F5-4395-A808-5FA49E399001}

CLSID name:
GbPluginObj Class


Internet Explorer BHO
Display name:
G-Buster Browser Defense BMB

CLSID:
{C41A1C0E-EA6C-11D4-B1B8-444553540001}

CLSID name:
GbIehObj Class


Shell Execute Hook
Name:
{E37CB5F0-51F5-4395-A808-5FA49E399001}


Scan gbiehbmb.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.