home

npsf_abn_64.dll

Módulo de Proteção - Banco Santander (Brasil) S.A.

ICP-Brasil

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘gastecnologia.com.br/sf/abn64’.
Publisher:
GAS Tecnologia  (signed by ICP-Brasil)

Product:
Módulo de Proteção - Banco Santander (Brasil) S.A.

Description:
Internet Banking Helper

Version:
3.12.1.2

MD5:
235ab64f552ff09e02a3045c9c68cc4c

SHA-1:
9cae9a58717c8e8960c62af801526064380587fd

SHA-256:
263287c86b89fe6c0bb13389d873f684bbe70bf10331d403f966c9fc0880ad40

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 12:36:22 AM UTC  (today)

File size:
4.6 MB (4,787,016 bytes)

Product version:
3.12.1.2

Copyright:
Copyright 2014 GAS Tecnologia

Original file name:
npsf_abn_64.dll

File type:
Dynamic link library (Win64 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\gas tecnologia\gbbd\npsf_abn_64.dll

Digital Signature
Signed by:
ICP-Brasil

Authority:
ICP-Brasil

Valid from:
5/22/2015 10:00:00 AM

Valid to:
5/21/2016 10:00:00 AM

Subject:
CN=Banco Santander Brasil SA, OU=BANCO SANTANDER BRASIL SA, OU=(EM BRANCO), OU=RISCOS TECNOLOGICOS E SEGURANCA, OU=SAO PAULO, OU=SP, OU=000001006118551, OU=CERTIFICADO SERASA PARA ASSINATURA DE CODIGO, O=ICP-Brasil, C=BR

Issuer:
CN=SERASA Certificadora Digital v2, O=ICP-Brasil, C=BR

Serial number:
5A7305F2AF4F22D6

Registration
CLSIDs:
{0783EB25-59F8-4F02-B6B0-F1D4349F0001}, {0783EB25-59F8-4F02-B6B1-F1D4349F0001}

ProgIDs:
gas.ibh.abn.1, gas.events.abn.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
2/12/2015 6:46:25 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
49152:dt2AkJ+7W5Rah0az3gpOqOhP7SVwUjqQKf5xFTJEotc/4+XrFVqu8O6sK+oYWz/G:ZNLc8vs6YeWI9Q/nr

Entry address:
0x40B1E8

Entry point:
E9, 4F, 5C, FF, FF, 00, 00, 43, 72, 65, 61, 74, 65, 57, 61, 69, 74, 61, 62, 6C, 65, 54, 69, 6D, 65, 72, 41, 00, 4F, 4C, 45, 41, 55, 54, 33, 32, 2E, 64, 6C, 6C, 00, 0F, 85, 9C, EF, FF, FF, 80, FD, 8D, F5, C6, 47, FF, 00, F8, 0F, 81, 35, 83, FF, FF, 66, 0F, A3, CA, 48, F7, C4, 08, 00, 00, 00, E9, E2, 05, FF, FF, 0F, 84, B3, 7D, FF, FF, F9, 39, C4, 2C, 30, 80, FF, C1, F5, 3C, 09, E9, E9, FE, FE, FF, 00, 00, 43, 72, 65, 61, 74, 65, 45, 76, 65, 6E, 74, 57, 00, 00, 00, 46, 69, 6E, 64, 46, 69, 72, 73, 74, 46, 69...
 
[+]

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
2.5 MB (2,649,600 bytes)

Mozilla Plugin
Name:
gastecnologia.com.br/sf/abn64


Scan npsf_abn_64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.