bbsvc.exe

Better Brain Client Service

BETTERBRAIN

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The application bbsvc.exe by BETTERBRAIN has been detected as adware by 5 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Better Brain 1.10.0.4 Client Service”.
Publisher:
Better Brain  (signed by BETTERBRAIN)

Product:
Better Brain Client Service

Version:
1.10.0.4

MD5:
5a83a9ab586baed4f5c4a4c2a4d48c02

SHA-1:
d02990ce21c126cfc4369b57d69c6bab6d1d0c8b

SHA-256:
081a8403572d94250a2c62e8c5adb994bf41086a7ec5904f4cff0dccd9b8b091

Scanner detections:
5 / 68

Status:
Adware

Analysis date:
12/25/2024 12:52:59 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/AdWare.Vitruvian (variant)
8.10847

IKARUS anti.virus
PUA.Vitruvian
t3scan.1.8.5.0

Malwarebytes
PUP.Optional.BetterBuy.A
v2014.12.11.05

Reason Heuristics
PUP.Service.BETTERBRAIN.F
14.12.11.17

VIPRE Antivirus
InfoAtoms
35560

File size:
271.1 KB (277,584 bytes)

Product version:
1.10.0.4

Copyright:
Copyright (C) 2014

Original file name:
bbsvc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\betterbrain_1.10.0.4\service\bbsvc.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
9/3/2014 3:15:03 PM

Valid to:
9/3/2016 3:15:03 PM

Subject:
E=support@betterbrainapp.com, CN=BETTERBRAIN, O=BETTERBRAIN, L=Dover, S=DE, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217924DDD48F0F11FE570A7383DB34E9EF

File PE Metadata
Compilation timestamp:
12/4/2014 1:18:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:+vaVMqZZfC6iUUNolkZxjW4FgF5NgeCyW5hd+4lUpzFSrO1+Y1h2ACTBfIc7eovN:+AvvZdkGMF7le94rO1BwACTBAaBExb1

Entry address:
0x21158

Entry point:
E8, 69, 56, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 0C, 57, 85, C9, 0F, 84, 92, 00, 00, 00, 56, 53, 8B, D9, 8B, 74, 24, 14, F7, C6, 03, 00, 00, 00, 8B, 7C, 24, 10, 75, 0B, C1, E9, 02, 0F, 85, 85, 00, 00, 00, EB, 27, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 83, E9, 01, 74, 2B, 84, C0, 74, 2F, F7, C6, 03, 00, 00, 00, 75, E5, 8B, D9, C1, E9, 02, 75, 61, 83, E3, 03, 74, 13, 8A, 06, 83, C6, 01, 88, 07, 83, C7, 01, 84, C0, 74, 37, 83, EB, 01, 75, ED, 8B, 44...
 
[+]

Entropy:
6.3153

Code size:
180.5 KB (184,832 bytes)

Service
Display name:
Better Brain 1.10.0.4 Client Service

Service name:
bbsvc_1.10.0.4

Description:
This service enables Better Brain 1.10.0.4 on HTTP websites

Type:
Win32OwnProcess


Remove bbsvc.exe - Powered by Reason Core Security