gbpdistutil.dll

BANCO ITAU S/A

Publisher:
BANCO ITAU S/A  (signed and verified)

MD5:
5d395278fa835611d4358c9e08f8656f

SHA-1:
3a03ebf5a424a3bd82712e6fb6cb10c5af9eae4e

SHA-256:
565a512434e399555632ebecb32549f6c608c9cece1b6d9271d17e35890caa15

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/20/2024 2:32:05 AM UTC  (today)

Scan engine:
Trend Micro House Call

Detection:
TROJ_GEN.F47V0522

Engine version:
7.2.8

File size:
123.3 KB (126,288 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gbpdistutil.dll

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/4/2012 9:00:00 PM

Valid to:
6/9/2013 8:59:59 PM

Subject:
CN=BANCO ITAU S/A, OU=DIOTI - Superintendencia de Continuidade de Negocios, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BANCO ITAU S/A, L=Sao Paulo, S=Sao Paulo, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6A5F64A01854E848E5D9116C3FF88937

File PE Metadata
Compilation timestamp:
2/1/2013 10:02:05 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:D4UxnwcyK+A4Q5YOQzqWeuaM8PatfCJiv2j:FnwcyKJTkQCtfh6

Entry address:
0x31369

Entry point:
9C, C7, 04, 24, FF, 26, 9A, 64, 60, 52, C7, 44, 24, 20, B7, 4F, 07, 70, FF, 34, 24, 60, 9C, C6, 04, 24, 95, 8D, 64, 24, 48, E9, 84, 3D, 00, 00, 9C, 9C, 8D, 64, 24, 30, 0F, 84, F2, 54, FF, FF, 84, C1, 83, FB, 02, 60, 8D, 64, 24, 20, 0F, 84, 25, FB, FF, FF, 51, 39, CB, 66, 0F, A3, C0, E8, 24, D3, FF, FF, 39, 8B, 38, BF, 93, A7, 1D, E3, AF, 45, 60, 8F, 41, E7, 39, C3, A7, BC, E9, 5A, A0, ED, A9, CE, 1B, E4, C9, 2F, D0, 33, 03, 0A, 8B, BA, 3F, CC, 54, C9, 02, 53, 14, 29, FE, B8, B2, 9F, 1D, E9, D6, DE, EE, CE...
 

Code size:
40 KB (40,960 bytes)

Scan gbpdistutil.dll - Powered by Reason Core Security