bbsvc.exe

Better Brain Client Service

BETTERBRAIN

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application bbsvc.exe by BETTERBRAIN has been detected as adware by 20 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Better Brain 1.10.0.5 Client Service”.
Publisher:
Better Brain  (signed by BETTERBRAIN)

Product:
Better Brain Client Service

Version:
1.10.0.5

MD5:
34b430deffad8eb62955cf090d7415a4

SHA-1:
37a9f3752a94fdbcee5ce0a806a06ac2dc537151

SHA-256:
51c9c4bca5f7d665898d579bae8d0f5e5f4b9b7bca57c9b4b4ce209727dda1a4

Scanner detections:
20 / 68

Status:
Adware

Analysis date:
12/25/2024 1:19:40 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.E
769

Avira AntiVirus
Adware/Vitruvian.277584.4
7.11.197.174

AVG
Generic
2015.0.3247

Baidu Antivirus
Adware.Win32.Vitruvian
4.0.3.141227

Bitdefender
Adware.Vitruvian.E
1.0.20.1805

Comodo Security
ApplicUnwnt
20465

Emsisoft Anti-Malware
Adware.Vitruvian
8.14.12.27.06

ESET NOD32
Win32/AdWare.Vitruvian (variant)
8.10925

Fortinet FortiGate
Riskware/Vitruvian
12/27/2014

F-Secure
Adware.Vitruvian.E
11.2014-27-12_7

G Data
Adware.Vitruvian
14.12.24

Malwarebytes
PUP.Optional.BetterBuy.A
v2014.12.27.06

McAfee
Artemis!34B430DEFFAD
5600.6903

MicroWorld eScan
Adware.Vitruvian.E
15.0.0.1083

nProtect
Adware.Vitruvian.E
14.12.24.01

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.Service.BETTERBRAIN.F
14.12.27.18

Sophos
Generic PUA DH
4.98

Trend Micro House Call
Suspicious_GEN.F47V1223
7.2.361

VIPRE Antivirus
InfoAtoms
36048

File size:
271.1 KB (277,584 bytes)

Product version:
1.10.0.5

Copyright:
Copyright (C) 2014

Original file name:
bbsvc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\betterbrain_1.10.0.5\service\bbsvc.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
9/3/2014 3:15:03 PM

Valid to:
9/3/2016 3:15:03 PM

Subject:
E=support@betterbrainapp.com, CN=BETTERBRAIN, O=BETTERBRAIN, L=Dover, S=DE, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217924DDD48F0F11FE570A7383DB34E9EF

File PE Metadata
Compilation timestamp:
12/11/2014 5:54:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:J1LNsBfC6C8b/rUUUJ6e8pHkjkIlLnK4zmOrUpAlRjfz+tOR4fCTBf7b0eICbNYu:JiZaUWwV49ICLjfzd2fCTBn0B8NY1

Entry address:
0x21118

Entry point:
E8, 69, 56, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 83, E9, 01, 74, 2B, 84, C0, 74, 2F, F7, C6, 03, 00, 00, 00, 75, E5, 8B, D9, C1, E9, 02, 75, 61, 83, E3, 03, 74, 13, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 84, C0, 74, 37, 83, EB, 01, 75, ED, 8B, 44...
 
[+]

Entropy:
6.3153

Code size:
180.5 KB (184,832 bytes)

Service
Display name:
Better Brain 1.10.0.5 Client Service

Service name:
bbsvc_1.10.0.5

Description:
This service enables Better Brain 1.10.0.5 on HTTP websites

Type:
Win32OwnProcess


Remove bbsvc.exe - Powered by Reason Core Security