home

GbpDist.DLL

GbpDist Module

Banco do Brasil S.A.

The library GbpDist.DLL has been detected as malware by 12 anti-virus scanners.
Publisher:
Banco do Brasil S.A.  (signed and verified)

Product:
GbpDist Module

Version:
2,1,4,0

MD5:
0815f2e9a1c2f998513d2e73ee00bf7e

SHA-1:
e4136197060d1e7e38a69f6895634c027fe0ac1c

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
6/20/2025 4:07:33 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
TrojanSpy.Banker
7.1.1

Avira AntiVirus
TR/Spy.65352
8.3.2.2

Comodo Security
UnclassifiedMalware
23499

Fortinet FortiGate
Riskware/GBplug
6/28/2016

G Data
Win32.Trojan.Agent.X5SU5D
16.6.25

McAfee
PWS-Banker
5600.6355

nProtect
Trojan/W32.Agent.65352
15.10.30.01

Panda Antivirus
Generic Malware
16.06.28.05

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_SPNR.30G513
7.2.180

Trend Micro
TROJ_SPNR.30G513
10.465.28

Zillya! Antivirus
Trojan.Agent.Win32.164123
2.0.0.2482

File size:
63.8 KB (65,352 bytes)

Product version:
2,1,4,0

Copyright:
Copyright 2004

Original file name:
GbpDist.DLL

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\windows\downloaded Program Files\gbpdist.dll

Digital Signature
Signed by:
Banco do Brasil S.A.

Authority:
VeriSign, Inc.

Valid from:
9/24/2007 9:00:00 PM

Valid to:
10/3/2008 8:59:59 PM

Subject:
CN=Banco do Brasil S.A., OU=UF Tecnologia, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Banco do Brasil S.A., L=Brasilia, S=Distrito federal, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7D4258BAAEBC77E462D087CAAD3D7865

File PE Metadata
Compilation timestamp:
8/14/2007 5:54:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:SWdTo7PIMNOfAzJnL+FxJkyOl05yBLqhgDjRxa:FJ50OuJ6FLkvuENsiK

Entry address:
0x29EEF

Entry point:
B8, D8, AA, 02, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 00, 00, 08, E1, 48, 01, E9, 30, DD, 07, 0A, 55, 8B, EC, 72, 83, 75, 34, 3C, 45, 08, 39, 48, 87, 33, D2, 42, 53, F1, 58, 0C, 56, F8, F2, D3, 67, E6, 1E, 04, BE, 0F, 57, CF, FA, 40, E7, 89, 45, D4, 03, 38, C8, B8, 74, DF, 58, 07, E0, 4E, 4F, E3, 55, E8, 78, 06, 81, E4, 03, DC, 1B, 60, 05, 36, 87, E9, 5D, EC, F4, 75, D0, EC, 7D, 63, CC, 26, F4, 88, 9B, 0B, 1D, 0C, F8, 74...
 
[+]

Packer / compiler:
PECompact v2

ActiveX Install
Name:
{DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931}


Remove GbpDist.DLL - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.