home

dcbrakieamo_amobl_setup.exe

BrowserAir (GOOBZO LTD)

The application dcbrakieamo_amobl_setup.exe by BrowserAir (GOOBZO) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
BrowserAir (GOOBZO LTD)  (signed and verified)

Version:
2.11.0.999

MD5:
d19330b6cf30bc473ce6063f9a99af6a

SHA-1:
4073222e02abb2bf5d7aecf21424fe8a14ea6371

SHA-256:
dabe11e7abc4ec20120ec273a541b89f81ccd1fb1ce1397beac483855150dc6f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/24/2024 6:00:16 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Goobzo.Installer (M)
15.8.11.21

File size:
2.3 MB (2,382,232 bytes)

Product version:
2.11.0.999

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\installer\install_14608\dcbrakieamo_amobl_setup.exe

Digital Signature
Signed by:
BrowserAir (GOOBZO LTD)

Authority:
COMODO CA Limited

Valid from:
2/10/2015 4:00:00 PM

Valid to:
2/11/2016 3:59:59 PM

Subject:
CN=BrowserAir (GOOBZO LTD), O=BrowserAir (GOOBZO LTD), STREET="Bldg #15 Matam", L=Haifa, S=Haifa, PostalCode=31905, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3B4F9A8B40F303C8AAD1D77B2A2B4674

File PE Metadata
Compilation timestamp:
8/10/2015 7:47:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:jA/X+/YF0a2lra8IQ/NdvVQr+hIn6ZjW6RJOmEMVyd5hFM23To:x40a2ta8IifNQTyhVEWyPAgE

Entry address:
0x4C04DA

Entry point:
E9, C1, 09, 02, 00, B3, A6, 0C, 37, B4, 95, F1, C7, A7, BC, 66, F3, CD, 64, E5, C0, 1E, A1, A6, 5E, F5, C6, 65, 9F, 19, 2A, FB, 93, 36, 26, 96, 77, 14, 2C, B1, 94, 38, B5, 06, 07, 1C, B4, 39, 88, 5A, EB, 5E, DD, C0, 23, B2, B3, F2, D8, 32, D7, 74, 8C, 97, 90, 86, E4, 97, 02, FB, D1, BD, 40, 31, C0, 89, 2C, 15, A8, B9, 38, 21, 69, BA, AB, 9A, FF, EC, B5, 2F, 96, C5, 60, 7D, D2, 2B, 74, 51, B8, CD, C4, 5F, 49, 18, BB, 98, E2, 73, CC, 0D, 57, CA, 9B, 29, 76, 39, 0E, 58, 68, D1, 1B, DA, C9, 98, 08, F9, 52, BD...
 
[+]

Entropy:
7.8972

Packer / compiler:
Xtreme-Protector v1.05

Code size:
549.5 KB (562,688 bytes)

Remove dcbrakieamo_amobl_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.