» dpinterface32.dll
Overview
Analysis
File Details
Programs (1)

dpinterface32.dll

Skytech

Thinknice Co. Limited

The module dpinterface32.dll by Thinknice Co. Limited has been detected as adware by 14 anti-malware scanners. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.

File name:

dpinterface32.dll

Publisher:

Skytech Co., Ltd. (signed by Thinknice Co. Limited)

Product:

Skytech

Version:

3.0.2.3477

MD5:

744425f13de59c479ad49d1d1da6e0cf

SHA-1:

1edcbd99868415ee53c921880330bf0e00cb6601

SHA-256:

3eaa184ee6dd037d5e62c284af8cab5244b369c9ff4c536cdc6bc428b0da7d7a

Scanner detections:

14 / 68

Status:

Adware

Analysis date:

4/26/2024 10:32:36 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Agent

7.1.1

Avira AntiVirus

TR/Trash.Gen

7.11.146.118

Baidu Antivirus

Adware.Win32.Agent

4.0.3.14927

Dr.Web

Trojan.Damaged.1

9.0.1.0270

ESET NOD32

Win32/Thinknice

8.9970

G Data

Win32.Application.SubTab

14.9.24

Kaspersky

not-a-virus:AdWare.Win32.Agent

14.0.0.3190

Malwarebytes

PUP.Optional.Skytech.A

v2014.09.27.12

McAfee

Artemis!55CB2AC2812C

5600.6995

Reason Heuristics

PUP.ThinkniceCoLimited.N

14.4.1.12

Sophos

Elex

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10335

Vba32 AntiVirus

AdWare.Agent

3.12.26.3

VIPRE Antivirus

Backdoor.Win32.Bifrose.fsi

28744

File size:

1.2 MB (1,280,624 bytes)

Product version:

3.0.2.3477

Original file name:

WorkDll

File type:

Dynamic link library (Win32 DLL)

Language:

Chinese

Common path:

C:\Program Files\suptab\dpinterface32.dll

Digital Signature

Signed by:

Thinknice Co. Limited

Authority:

GlobalSign nv-sa

Valid from:

11/26/2013 12:34:13 AM

Valid to:

11/27/2014 12:34:13 AM

Subject:

CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata

Compilation timestamp:

3/26/2014 4:45:27 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:PgtAltQhIptdu7MMxvBHRduSE8pA8OP2ABbhEGjRHTUI:I2tQhIptd8ZE2WaGjRHTUI

Entry address:

0x9971F

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, AA, C1, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 70, 51, 10, 10, E8, 52, 87, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 8C, 1A, 11, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 04, D6, 0E, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

6.2941

Developed / compiled with:

Microsoft Visual C++

Code size:

940 KB (962,560 bytes)

The file dpinterface32.dll has been discovered within the following program.

SupTab by Thinknice Co. Limited

SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.

80% remove it

Remove dpinterface32.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.