bbsvc.exe

Better Brain Client Service

BETTERBRAIN

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application bbsvc.exe by BETTERBRAIN has been detected as adware by 17 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Better Brain 1.10.0.6 Client Service”.
Publisher:
Better Brain  (signed by BETTERBRAIN)

Product:
Better Brain Client Service

Version:
1.10.0.6

MD5:
ddf5b1671d9d5014bda10ade0e17083a

SHA-1:
5fae963424290a0a0e1a401a8f1079d5b001064c

SHA-256:
5d7851b5659b618b2236c416804b25c6bde63f80959a92eaff0da877bd5cd316

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
12/25/2024 12:37:31 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Vitruvian.E
748

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.200.132

AVG
Generic
2016.0.3226

Baidu Antivirus
Adware.Win32.Vitruvian
4.0.3.15117

Bitdefender
Adware.Vitruvian.E
1.0.20.85

Emsisoft Anti-Malware
Adware.Vitruvian
8.15.01.17.06

Fortinet FortiGate
Riskware/Vitruvian
1/17/2015

F-Secure
Adware.Vitruvian.E
11.2015-17-01_7

G Data
Adware.Vitruvian
15.1.24

Malwarebytes
PUP.Optional.BetterBuy.A
v2015.01.17.06

McAfee
Artemis!DDF5B1671D9D
5600.6882

MicroWorld eScan
Adware.Vitruvian.E
16.0.0.51

nProtect
Adware.Vitruvian.E
15.01.13.01

Reason Heuristics
PUP.Service.InfoAtoms
15.1.17.18

Sophos
Generic PUA FP
4.98

Trend Micro House Call
Suspicious_GEN.F47V0110
7.2.17

VIPRE Antivirus
InfoAtoms
36630

File size:
271.1 KB (277,584 bytes)

Product version:
1.10.0.6

Copyright:
Copyright (C) 2015

Original file name:
bbsvc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\betterbrain_1.10.0.6\service\bbsvc.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
9/3/2014 4:15:03 PM

Valid to:
9/3/2016 4:15:03 PM

Subject:
E=support@betterbrainapp.com, CN=BETTERBRAIN, O=BETTERBRAIN, L=Dover, S=DE, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217924DDD48F0F11FE570A7383DB34E9EF

File PE Metadata
Compilation timestamp:
1/7/2015 2:01:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:I1Ld8BfC6C8b/rUUUJ6e8pHkjkIlLnK4zm+GUprlhzyV+VqRPzCTBfneIc0NYC40:ICZaUWwV4NP5bzyVRdzCTBvBVNY1

Entry address:
0x21118

Entry point:
E8, 69, 56, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 83, E9, 01, 74, 2B, 84, C0, 74, 2F, F7, C6, 03, 00, 00, 00, 75, E5, 8B, D9, C1, E9, 02, 75, 61, 83, E3, 03, 74, 13, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 84, C0, 74, 37, 83, EB, 01, 75, ED, 8B, 44...
 
[+]

Entropy:
6.3146

Code size:
180.5 KB (184,832 bytes)

Service
Display name:
Better Brain 1.10.0.6 Client Service

Service name:
bbsvc_1.10.0.6

Description:
This service enables Better Brain 1.10.0.6 on HTTP websites

Type:
Win32OwnProcess


Remove bbsvc.exe - Powered by Reason Core Security