pstartw.exe

GBRIDGE LLC

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Gbridge’.
Publisher:
GBRIDGE LLC  (signed and verified)

MD5:
37656de09301eba6c712f1cdf5a5eb80

SHA-1:
78b8b94e2f879ca986acde6e83d971cbeb25c1ed

SHA-256:
496c3f92d5a3248b9cb9aa9e7e58463fbf4993ff9c655bdcce4da4668b036d96

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:08:36 AM UTC  (today)

File size:
95.7 KB (98,024 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\gbridge llc\gbridge\pstartw.exe

Digital Signature
Signed by:

Authority:
The USERTRUST Network

Valid from:
6/25/2008 7:00:00 PM

Valid to:
6/26/2010 6:59:59 PM

Subject:
CN=GBRIDGE LLC, O=GBRIDGE LLC, STREET="610 San Conrado Terrace #7", L=Sunnyvale, S=CA, PostalCode=94085, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
4FCF7A499C2B898457E891C6FE71FF85

File PE Metadata
Compilation timestamp:
11/22/2008 8:16:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:zDpOSq0qpq/V0nfMbzwm41okgtFVIlmcu6cuDQwc9M:zNOSM9kb99ElSyQwEM

Entry address:
0x2F91

Entry point:
E8, 7B, 3B, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 51, 51, 53, 56, 33, F6, 8D, 45, FC, 46, 33, DB, 50, 89, 75, F8, 89, 5D, FC, E8, 4F, F4, FF, FF, 83, 7D, FC, 05, 59, 7E, 04, 8B, C6, EB, 42, 57, 53, FF, 15, 44, 10, 41, 00, 8B, 70, 3C, 03, F0, 66, 39, 5E, 06, 0F, B7, 46, 14, 8D, 7C, 30, 18, 76, 23, 57, 68, 04, 12, 41, 00, E8, C9, 3B, 00, 00, 85, C0, 59, 59, 74, 0E, 0F, B7, 46, 06, 43, 83, C7, 28, 3B, D8, 72, E3, EB, 04, 83, 65, F8, 00, 8B, 45, F8, 5F, 5E, 5B, C9, C3, 56, FF, 35, 48, 50, 41, 00, 8B, 35, 64...
 
[+]

Entropy:
6.1528

Code size:
64 KB (65,536 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Gbridge

Command:
"C:\Program Files\gbridge llc\gbridge\pstartw.exe" "C:\Program Files\gbridge llc\gbridge\gbridge.exe" -autostart


Scan pstartw.exe - Powered by Reason Core Security