gboxapp.exe

DownloaderChrome

Web Pick - Internet Holdings Ltd

The is the installer for the WebPick InstalleRex download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The application gboxapp.exe by Web Pick - Internet Holdings has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Web Pick - Internet Holdings Ltd  (signed and verified)

Product:
DownloaderChrome

Version:
1.0.0.0

MD5:
7b601d89e8d285eec1808e8a21229049

SHA-1:
23fd43b541cd40633a677e5b9e8d763f9b1d0e89

SHA-256:
191ca47b77bb9248604446042ba591208bdc52f8d32165f417a436b4f7f29a4e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 1:50:04 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.WebPick.WebPickInternetHoldings (M)
16.2.21.10

File size:
12.3 KB (12,632 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
DownloaderChrome.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gboxapp.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
8/5/2013 2:00:00 AM

Valid to:
8/26/2015 1:59:59 AM

Subject:
CN=Web Pick - Internet Holdings Ltd, O=Web Pick - Internet Holdings Ltd, L=Ramat Hasharon, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3A2CC4F26C8E3CCEC344182538F0AF2D

File PE Metadata
Compilation timestamp:
4/14/2015 5:06:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:Sqp4tkZwIRaI2iXi9OMb/E5MOKcZRPYrok8oiou7+wfLa:xpZZwIaI2QiwR3KcZRQoIuk

Entry address:
0x398E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.6330

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.5 KB (6,656 bytes)

Remove gboxapp.exe - Powered by Reason Core Security