home

gbxApp.exe

Acer 3G Connection Manager

Birdstep Technology ASA

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘coreworks’.
Publisher:
ACER  (signed by Birdstep Technology ASA)

Product:
Acer 3G Connection Manager

Version:
5.0.0.1106

MD5:
39b0c63d608ec5da47cf964822b40992

SHA-1:
a133a7a78a7f541325d3d96f059222e5cff63a7e

SHA-256:
fbfa7a9a1f3b4c3369fe24ce5ae89fc7cf18663646ea60c1e592d2224c1220f4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 5:47:42 AM UTC  (today)

File size:
786.5 KB (805,352 bytes)

Product version:
5.0.0.1106

Copyright:
Copyright (C) 2008 ACER

Original file name:
gbxApp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\acer 3g connection manager\bin\gbxapp.exe

Digital Signature
Signed by:
Birdstep Technology ASA

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/8/2008 5:50:25 PM

Valid to:
4/8/2009 5:50:25 PM

Subject:
CN=Birdstep Technology ASA, OU=Secure Application Development, O=Birdstep Technology ASA, L=Oslo, S=Oslo, C=NO

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
103751E1242D93A51743AE1558F384B4

File PE Metadata
Compilation timestamp:
6/20/2008 8:43:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:jWfpQwbMV4LIIXvRnVpS3cUSKfIDlbChae1MVhYKO:afpQwQ/IXvdVcM+0D+Mkl

Entry address:
0x54821

Entry point:
E8, 32, 06, 00, 00, E9, D9, FC, FF, FF, CC, 68, EC, 3F, 45, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 24, 21, 48, 00, 31, 45, FC, 33, C5, 89, 45, E4, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, E4, 33, CD, E8, C4, F6, FF, FF, E9, 7A, 02, 00, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 24, 21, 48, 00, 33, C5...
 
[+]

Entropy:
5.6291

Code size:
360 KB (368,640 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
coreworks

Command:
"C:\Program Files\acer 3g connection manager\bin\gbxapp.exe" runatstartup


Scan gbxApp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.