dpinterface64.dll

Skytech

Thinknice Co. Limited

The module dpinterface64.dll by Thinknice Co. Limited has been detected as adware by 7 anti-malware scanners. This file is typically installed with the program SupTab by Thinknice Co. Limited, which is a potentially unwanted software program.

Publisher:
Skytech Co., Ltd.  (signed by Thinknice Co. Limited)

Product:
Skytech

Version:
1.0.1.40

MD5:
ecd6d7ca577393e155b6c2ffa37f72ce

SHA-1:
f96e4df9b7af5f6ac26b5040e7d65ffc5c16e58d

SHA-256:
03a6f4aabb5edf77d23df6d680c89526521e721d61109c3f1fab4c33d9306c93

Scanner detections:
7 / 68

Status:
Adware

Analysis date:
4/23/2024 6:24:18 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Dr.Web | Adware.Mutabaha.244 | 9.0.1.0160 |
| Emsisoft Anti-Malware | Backdoor.Simda.M | 8.15.06.09.05 |
| ESET NOD32 | Win64/Thinknice.A potentially unwanted | 9.11521 |
| Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.1914 |
| Malwarebytes | PUP.Optional.Skytech.A | v2015.06.09.05 |
| Reason Heuristics | PUP.ThinkniceCoLimited.N | 14.4.1.12 |
| Sophos | Elex | 4.98 |

File size:
284.6 KB (291,440 bytes)

Product version:
1.0.1.40

Copyright:
Skytech Copyright (C) 2013

Original file name:
WorkDll

File type:
Dynamic link library (Win64 DLL)

Language:
Chinese

Common path:
C:\Program Files\suptab\dpinterface64.dll

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 12:34:13 AM

Valid to:
11/27/2014 12:34:13 AM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
2/28/2014 7:27:16 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:V3hjsC7j3pV+xNdU1RRGp9HTVwyTJWSMfdXUIxrEkOcJfMoT3uRxcg/+HbPW+GY4:sC/3p4dCRXyTQSnIx4iz3uReaD+y6jQf

Entry address:
0x16348

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, A7, A8, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 4C, B7, 02, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...

Entropy:
6.0668

Code size:
180 KB (184,320 bytes)

The file dpinterface64.dll has been discovered within the following program.

SupTab by Thinknice Co. Limited
SupTab is a web browser advertisement injection extension designed with the core purpose of delivering ads to the user's web browser. Ads take the form of banners (both static and video) as well as contextual hyperlinks.
80% remove it
 
Powered by Should I Remove It?