dpinterface32.dll

Skytech

Thinknice Co. Limited

The module dpinterface32.dll by Thinknice Co. Limited has been detected as adware by 15 anti-malware scanners. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Skytech Co., Ltd.  (signed by Thinknice Co. Limited)

Product:
Skytech

Version:
3.0.2.3482

MD5:
c5b6d325037b97066009e4dbab638247

SHA-1:
6b28e4229288f96d71aa3e6cbacf61e04b9caccf

SHA-256:
60302cb1b25a22f4a93c2c0dd1848fe9acabdfb66ff0541a2a613d4ddd71706d

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/23/2024 9:32:32 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.Agent | 7.1.1 |
| Avira AntiVirus | TR/Trash.Gen | 7.11.146.118 |
| Baidu Antivirus | Adware.Win32.Agent | 4.0.3.15730 |
| Dr.Web | Trojan.Damaged.1 | 9.0.1.0211 |
| ESET NOD32 | Win32/Thinknice | 9.9970 |
| G Data | Win32.Application.SubTab | 15.7.24 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.1657 |
| Malwarebytes | PUP.Optional.Skytech.A | v2015.07.30.12 |
| McAfee | Artemis!55CB2AC2812C | 5600.6688 |
| Panda Antivirus | Trj/Chgt.A | 15.07.30.12 |
| Reason Heuristics | PUP.Thinknice.ThinkniceCo (M) | 15.7.30.12 |
| Sophos | Elex | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 9722 |
| Vba32 AntiVirus | AdWare.Agent | 3.12.26.3 |
| VIPRE Antivirus | Backdoor.Win32.Bifrose.fsi | 28744 |

File size:
1.2 MB (1,282,160 bytes)

Product version:
3.0.2.3482

Copyright:
Skytech Copyright (C) 2013

Original file name:
WorkDll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\suptab\dpinterface32.dll

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 12:04:13 PM

Valid to:
11/27/2014 12:04:13 PM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
4/29/2014 2:02:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:jpcZu1YVKVZqhGoxlz2uQpCONHAJXiYTs53FYJhU6/fdXUB:dcQYVKVZqh5D7TOGJhU6/fxUB

Entry address:
0x99ADF

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 28, C1, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 00, 62, 10, 10, E8, D2, 86, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 8C, 2A, 11, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 04, E6, 0E, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
6.2946

Developed / compiled with:
Microsoft Visual C++

Code size:
941 KB (963,584 bytes)

The file dpinterface32.dll has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is a web browser advertisement-injection extension designed with the core purpose of delivering ads to the user's web browser. Ads take the form of banners (both static and video) as well as contextual hyperlinks.
80% remove it
 