dpinterface64.dll

Skytech

Thinknice Co. Limited

The module dpinterface64.dll by Thinknice Co. Limited has been detected as adware by 19 anti-malware scanners. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Skytech Co., Ltd.  (signed by Thinknice Co. Limited)

Product:
Skytech

Version:
1.0.1.40

MD5:
9e6638f73d0cc10be92aae3e7d5ec5b9

SHA-1:
879b4c73092f4e5a0a0f17b816c024392cf852be

SHA-256:
5043ad7ee68b9a685a73f6d973b7dd540421bdb556f3b4041fbcf610cae07998

Scanner detections:
19 / 68

Status:
Adware

Analysis date:
4/25/2024 2:21:16 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| Baidu Antivirus | PUA.Win64.Thinknice | 4.0.3.1566 |
| Bkav FE | W64.HfsAdware | 1.3.0.6379 |
| Dr.Web | Adware.Mutabaha.244 | 9.0.1.0157 |
| Emsisoft Anti-Malware | Backdoor.Simda.M | 8.15.06.06.05 |
| ESET NOD32 | Win64/Thinknice.A potentially unwanted | 9.11521 |
| G Data | Win64.Application.SubTab | 15.6.25 |
| K7 AntiVirus | Trojan | 13.203.15688 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.1929 |
| Malwarebytes | PUP.Optional.Skytech.A | v2015.06.06.05 |
| McAfee | Artemis!9E6638F73D0C | 5600.6743 |
| NANO AntiVirus | Riskware.Win64.Agent.daxcaj | 0.30.20.1219 |
| Panda Antivirus | Trj/Chgt.A | 15.06.06.05 |
| Qihoo 360 Security | Malware.Radar03.Gen | 1.0.0.1015 |
| Quick Heal | AdWare.Agent.r6 (Not a Virus) | 6.15.14.00 |
| Reason Heuristics | PUP.Thinknice.ThinkniceCo | 15.6.6.5 |
| Sophos | Elex | 4.98 |
| Vba32 AntiVirus | AdWare.Agent | 3.12.26.3 |
| Zillya! Antivirus | Adware.Agent.Win32.52690 | 2.0.0.2149 |

File size:
284.6 KB (291,440 bytes)

Product version:
1.0.1.40

Copyright:
Skytech Copyright (C) 2013

Original file name:
WorkDll

File type:
Dynamic link library (Win64 DLL)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\suptab\dpinterface64.dll

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 12:04:13 PM

Valid to:
11/27/2014 12:04:13 PM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
2/28/2014 6:57:16 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:tC/3p4dCRXyTQSnIx4iz3uReaD+y6jQcs:twSdAXgMz3uRPa1s

Entry address:
0x16348

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, A7, A8, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 4C, B7, 02, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...
 

Entropy:
6.0667

Code size:
180 KB (184,320 bytes)

The file dpinterface64.dll has been discovered within the following program.

SupTab by Thinknice Co. Limited
SupTab is a web browser advertisement injection extension designed with the core purpose of delivering ads to the user's web browser. Ads take the form of banners (both static and video) as well as contextual hyperlinks.
80% remove it
 