dcbraiegut_gutbl_setup.exe

BrowserAir (GOOBZO LTD)

The application dcbraiegut_gutbl_setup.exe by BrowserAir (GOOBZO) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
BrowserAir (GOOBZO LTD)  (signed and verified)

Version:
2.11.0.999

MD5:
be4ad4952a3d62a5b57dfcb4b87da408

SHA-1:
674f16148c253d450fa12baec4dada43e1266feb

SHA-256:
9942d5d34bb47c740422aad53e70e763510cdb6aca74688b842a0f5429ed6700

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/24/2024 6:03:04 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Goobzo.Installer (M)

Engine version:
16.3.31.8

File size:
2.4 MB (2,509,720 bytes)

Product version:
2.11.0.999

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\installer\install_13722\dcbraiegut_gutbl_setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/10/2015 4:00:00 PM

Valid to:
2/11/2016 3:59:59 PM

Subject:
CN=BrowserAir (GOOBZO LTD), O=BrowserAir (GOOBZO LTD), STREET="Bldg #15 Matam", L=Haifa, S=Haifa, PostalCode=31905, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3B4F9A8B40F303C8AAD1D77B2A2B4674

File PE Metadata
Compilation timestamp:
8/6/2015 11:56:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:zDZRTTZ94rvlQlvHqy/BtEElAtQn3qcFk9Y19PqBc:z1RTnP3/B993HSBc

Entry address:
0x522CA2

Entry point:
60, 60, C7, 44, 24, 3C, 57, 14, D4, 8B, E9, D1, 06, 00, 00, 00, 00, 57, 69, 6E, 48, 74, 74, 70, 47, 65, 74, 49, 45, 50, 72, 6F, 78, 79, 43, 6F, 6E, 66, 69, 67, 46, 6F, 72, 43, 75, 72, 72, 65, 6E, 74, 55, 73, 65, 72, 00, C9, BD, A0, 74, 5B, EE, 9F, 6A, 60, 85, C0, 9C, 33, 09, A5, 5E, A1, 29, AC, 04, 3B, 0A, 5F, 16, 2E, AC, 7C, 7C, 53, 33, 1F, 37, 45, 98, 3B, 6F, B4, 0D, E4, A7, 0C, 89, 30, E7, 0A, EA, 36, 09, 7B, F9, 07, 3A, 88, 96, 51, 74, 8B, 86, 8C, CE, F3, A6, B6, 37, 43, 16, BB, 11, F6, 43, 44, 52, 0D...
 

Entropy:
7.8889  (probably packed)

Code size:
549.5 KB (562,688 bytes)
