home

gremoteserver.exe

GRemoteServer Pro

GBM Software

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘GRemoteServer Pro’.
Publisher:
GBM Software  (signed and verified)

Product:
GRemoteServer Pro

Version:
1.5.9.122

MD5:
21a50cdd25c0d39c10cfe7828fdab75f

SHA-1:
835c30e5307bc6e5d3c0f22b49869afef23b4e34

SHA-256:
b123238f297b90e265e93806ad40e00ad189e58122300e1fd1c961b567f30b1b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:55:54 PM UTC  (today)

File size:
2.6 MB (2,761,184 bytes)

Product version:
1.1.2

Original file name:
GRemoteServer

File type:
Executable application (Win32 EXE)

Language:
Polonais (Pologne)

Common path:
C:\Program Files\gbm\gremote pro\gremoteserver.exe

Digital Signature
Signed by:
GBM Software

Authority:
GlobalSign nv-sa

Valid from:
7/12/2010 10:01:55 PM

Valid to:
8/17/2011 4:06:16 AM

Subject:
E=info@gbmsoftware.com, CN=GBM Software, O=GBM Software, L=Naklo nad Notecia, S=Poland, C=PL

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000129C876AB1F

File PE Metadata
Compilation timestamp:
3/16/2011 10:51:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:W636rgM7NLYNMJ5CJT3QU+yDzSoDMxOPZDVS:W6egM7N0SGJTAUhSrxOi

Entry address:
0x17F8

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 98, 50, 56, 00, A1, 8B, 50, 56, 00, C1, E0, 02, A3, 8F, 50, 56, 00, 52, 6A, 00, E8, 35, 2C, 16, 00, 8B, D0, E8, AA, 8E, 11, 00, 5A, E8, 08, 8E, 11, 00, E8, DF, 8E, 11, 00, 6A, 00, E8, 44, B2, 11, 00, 59, 68, 34, 50, 56, 00, 6A, 00, E8, 0F, 2C, 16, 00, A3, 93, 50, 56, 00, 6A, 00, E9, 33, 42, 12, 00, E9, 72, B2, 11, 00, 33, C0, A0, 7D, 50, 56, 00, C3, A1, 93, 50, 56, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, B8, 00, 00, 00, 0B, C9...
 
[+]

Code size:
1.4 MB (1,458,176 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GRemoteServer Pro

Command:
C:\Program Files\gbm\gremote pro\gremoteserver.exe


Scan gremoteserver.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.