home

GbpSv.exe

Gbp Service

Banco da Amazonia SA

It runs as a separate (within the context of its own process) windows Service named “Gbp Service”.
Publisher:
Banco da Amazonia SA  (signed and verified)

Product:
Gbp Service

Description:
G-Buster Browser Defense - Service

Version:
2.4.6.0

MD5:
e15adcfe112ed981d3aa8e212a5fdb6a

SHA-1:
d5e872a08c7bc6b21e19d7b77379977ba2e59a79

SHA-256:
04811e89880a6f3adcb99b7ba7e16bd78f69e615ebda8b3f61c2a6ebdbf23d37

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 1:18:47 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Trend Micro House Call
Suspicious_GEN.F47V1112
7.2.126

File size:
266.1 KB (272,536 bytes)

Product version:
2.4.6.0

Copyright:
Copyright © 2003-2012, G-Buster Browser Defense

Trademarks:
GbpSv

Original file name:
GbpSv.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\Program Files\gbplugin\gbpsv.exe

Digital Signature
Signed by:
Banco da Amazonia SA

Authority:
Thawte, Inc.

Valid from:
3/23/2012 9:00:00 PM

Valid to:
4/11/2013 8:59:59 PM

Subject:
CN=Banco da Amazonia SA, O=Banco da Amazonia SA, L=Belem, S=Para, C=BR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
4064EBF55EDA29C1A90C10EF99D3B0EB

File PE Metadata
Compilation timestamp:
7/18/2012 9:56:39 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:oG72lsQyYkDHWRR0xdpt1p9UJtbaDmi+yvex9ZOruLGx0dzJ:oGCaQyYkyReptCJtbKmi+yvegaLGx0d9

Entry address:
0x2C721

Entry point:
B8, 24, 2D, 4B, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, C2, 12, A0, 03, 34, 55, 87, 4A, 2C, 3B, 8E, 9E, DB, 82, D9, FB, 2C, 01, 29, 91, F7, 2C, 96, C5, 05, 7B, 32, 35, AE, FE, 3B, 8E, 78, 43, 09, 4D, 74, 76, C6, 19, D1, 24, A1, 8C, 7D, 89, 7C, 87, 5C, 95, 18, 87, 8F, C4, A0, A3, 5F, 0B, AD, CB, F9, A6, 73, 95, 33, D4, 62, F0, 75, A4, A7, 76, 31, 8F, 7B, BD, 63, E2, 91, 2E, 4D, D4, 42, C0, 91, C3, 9B, 8C, 44, 42, A1, 6C, 88...
 
[+]

Packer / compiler:
PECompact v2

Code size:
495 KB (506,880 bytes)

Service
Display name:
Gbp Service

Service name:
GbpSv

Description:
Service for G-Buster Browser Defense

Type:
Win32OwnProcess

Group:
GbPlugin Group


Scan GbpSv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.