» gbiehcef.dll
Overview
Analysis
File Details
Behaviors (1)

gbiehcef.dll

Caixa Economica Federal Gbieh

CAIXA ECONÔMICA FEDERAL

File name:

gbiehcef.dll

Publisher:

Caixa Economica Federal (signed by CAIXA ECONÔMICA FEDERAL)

Product:

Caixa Economica Federal Gbieh

Description:

Gbieh Module

Version:

3.6.3.6

MD5:

d73f409df97abc681219f43403130c72

SHA-1:

7c6cde6ef80aa067530fbf19d963b95a3d12de54

SHA-256:

4fcb81821c2badd103a48e55a4c9332509629e9dc441c4113e86f51603876743

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

1/14/2025 11:02:59 AM UTC (today)

Scan engine

Detection

Engine version

IKARUS anti.virus

Trojan-Spy.Win32.Banker.ear

t3scan.1.2.05.0

Norman

W32/Malware.dam

11.20160605

Panda Antivirus

Suspicious file

16.06.05.05

File size:

203.1 KB (207,944 bytes)

Product version:

3.6.3.6

Trademarks:

Cef, Gbieh

Original file name:

Gbieh.dll

File type:

Dynamic link library (Win32 DLL)

Language:

Brazilian Portuguese

Common path:

C:\Program Files\gbplugin\gbiehcef.dll

Digital Signature

Signed by:

CAIXA ECONÔMICA FEDERAL

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

7/10/2007 12:49:03 PM

Valid to:

8/1/2008 6:56:52 PM

Subject:

CN=CAIXA ECONÔMICA FEDERAL, OU=GESIN - GN SEGURANÇA DA INFORMAÇÃO, O=CAIXA ECONÔMICA FEDERAL, L=BRASILIA, S=DF, C=BR

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

212895DCCF9675435E35180619175EB1

File PE Metadata

Compilation timestamp:

7/31/2007 11:10:32 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:H9ViNt42/LhPisVMXy45excib1a1Mz+eYSJNQwj0SEjg5aJqLvovPCT73cmnd:MG2/NPmXy4ccYUMz+eLfQ60n+aJAAv6t

Entry address:

0xA3EFC

Entry point:

B8, 0C, 4B, 0A, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 00, 08, E1, 48, 01, E9, 30, DD, 07, 0A, 55, 8B, EC, 72, 83, 75, 34, 3C, 45, 08, 39, 48, 87, 33, D2, 42, 53, F1, 58, 0C, 56, F8, F2, D3, 67, E6, 1E, 04, BE, 0F, 57, CF, FA, 40, E7, 89, 45, D4, 03, 38, C8, B8, 74, DF, 58, 07, E0, 4E, 4F, E3, 55, E8, 78, 06, 81, E4, 03, DC, 1B, 60, 05, 36, 87, E9, 5D, EC, F4, 75, D0, EC, 7D, 63, CC, 26, F4, 88, 9B, 0B, 1D, 0C, F8, 74, 59... 
[+]

Packer / compiler:

PECompact v2

Code size:

428 KB (438,272 bytes)

Approved Shell Extension

Name:

GbPlugin ShlObj

CLSID:

{E37CB5F0-51F5-4395-A808-5FA49E399003}

CLSID name:

GbPluginObj Class

Scan gbiehcef.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.