» gbpluginabnsetup.exe
Overview
Analysis
File Details
Downloads (2)

gbpluginabnsetup.exe

Diagnóstico do Módulo de Proteção

ICP-Brasil

This is a self-extracting archive and installer. The file has been seen being downloaded from wwws.santandernet.com.br and multiple other hosts.

File name:

Publisher:

Grupo Banco Santander (BRASIL) SA (signed by ICP-Brasil)

Product:

Diagnóstico do Módulo de Proteção

Version:

1,5,1,1

MD5:

388c2eadd06cdb3b53ad5d735ab73539

SHA-1:

21ef260f2927927db1ebc4cdfb3495e374dcebc1

SHA-256:

41b634299cfeb73f08199b734dbf47687e5b79b028f2e6ce2fa7295df1b570b8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

10/31/2024 11:34:51 PM UTC (a few moments ago)

File size:

3.3 MB (3,429,704 bytes)

Product version:

1,5,1,1

Original file name:

gbpluginabnsetup

File type:

Executable application (Win32 EXE)

Language:

Português

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\gbpluginabnsetup.exe

Digital Signature

Signed by:

ICP-Brasil

Authority:

ICP-Brasil

Valid from:

5/22/2015 10:00:00 AM

Valid to:

5/21/2016 10:00:00 AM

Subject:

CN=Banco Santander Brasil SA, OU=BANCO SANTANDER BRASIL SA, OU=(EM BRANCO), OU=RISCOS TECNOLOGICOS E SEGURANCA, OU=SAO PAULO, OU=SP, OU=000001006118551, OU=CERTIFICADO SERASA PARA ASSINATURA DE CODIGO, O=ICP-Brasil, C=BR

Issuer:

CN=SERASA Certificadora Digital v2, O=ICP-Brasil, C=BR

Serial number:

5A7305F2AF4F22D6

File PE Metadata

Compilation timestamp:

8/7/2015 6:58:49 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:IL+QPL7A43KkGc1MSH84raKbbsZ2NjY7EkldmZbMo+YIpP17rFIy9Edh4GTOTQ0V:IxvF3KKaaX4wq1Sy9EBTOTt50R0fME

Entry address:

0x12D102

Entry point:

E8, 86, EB, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, 83, 3D, B4, 9F, 5C, 00, 00, 0F, 84, B6, EE, 00, 00, 83, EC, 08, 0F, AE, 5C, 24, 04, 8B, 44, 24, 04, 25, 80, 1F, 00, 00, 3D, 80, 1F, 00, 00, 75, 0F, D9, 3C, 24, 66, 8B, 04, 24, 66, 83, E0, 7F, 66, 83, F8, 7F, 8D, 64, 24, 08, 0F, 85, 85, EE, 00, 00, EB, 00, F3, 0F, 7E, 44, 24, 04, 66, 0F, 28, 15, 90, 6D, 58, 00, 66, 0F, 28, C8, 66, 0F, 28, F8, 66, 0F, 73, D0, 34, 66, 0F, 7E, C0, 66, 0F, 54, 05, C0, 6D, 58, 00, 66, 0F, FA, D0, 66, 0F, D3, CA, A9, 00, 08... 
[+]

Code size:

1.4 MB (1,491,968 bytes)

The file gbpluginabnsetup.exe has been seen being distributed by the following 2 URLs.

https://wwws.santandernet.com.br/mps/.../gbpluginabnsetup.exe

https://wwws2.santandernet.com.br/mps/.../gbpluginabnsetup.exe

Scan gbpluginabnsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.