home

GbpSv.exe

Gbp Service

Banco da Amazonia SA

It runs as a separate (within the context of its own process) windows Service named “Gbp Service”.
Publisher:
Banco da Amazonia SA  (signed and verified)

Product:
Gbp Service

Description:
G-Buster Browser Defense - Service

Version:
2.4.6.0

MD5:
2297a1c11b96fcade12103af289e032f

SHA-1:
d529e332846f7a36773f678651f10c476857161c

SHA-256:
537401a016844bcca795521c88fa5c93828d2d21ff6aae83b7687bc505980f8d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 3:47:31 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

File size:
266.6 KB (272,976 bytes)

Product version:
2.4.6.0

Copyright:
Copyright © 2003-2012, G-Buster Browser Defense

Trademarks:
GbpSv

Original file name:
GbpSv.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\gbplugin\gbpsv.exe

Digital Signature
Signed by:
Banco da Amazonia SA

Authority:
Thawte, Inc.

Valid from:
3/14/2013 9:00:00 PM

Valid to:
4/21/2014 8:59:59 PM

Subject:
CN=Banco da Amazonia SA, O=Banco da Amazonia SA, L=Belem, S=Para, C=BR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
30E9A7D32A1F5B4A1726B87A929A16EA

File PE Metadata
Compilation timestamp:
7/18/2012 9:56:39 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:yG72lsQyYkDHWRR0xdpt1p9UJtbaDmi+yvex9ZOruLGx0dzQ:yGCaQyYkyReptCJtbKmi+yvegaLGx0dM

Entry address:
0x2C721

Entry point:
B8, 24, 2D, 4B, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, C2, 12, A0, 03, 34, 55, 87, 4A, 2C, 3B, 8E, 9E, DB, 82, D9, FB, 2C, 01, 29, 91, F7, 2C, 96, C5, 05, 7B, 32, 35, AE, FE, 3B, 8E, 78, 43, 09, 4D, 74, 76, C6, 19, D1, 24, A1, 8C, 7D, 89, 7C, 87, 5C, 95, 18, 87, 8F, C4, A0, A3, 5F, 0B, AD, CB, F9, A6, 73, 95, 33, D4, 62, F0, 75, A4, A7, 76, 31, 8F, 7B, BD, 63, E2, 91, 2E, 4D, D4, 42, C0, 91, C3, 9B, 8C, 44, 42, A1, 6C, 88...
 
[+]

Packer / compiler:
PECompact v2

Code size:
495 KB (506,880 bytes)

Service
Display name:
Gbp Service

Service name:
GbpSv

Description:
Service for G-Buster Browser Defense

Type:
Win32OwnProcess

Group:
GbPlugin Group


Scan GbpSv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.