home

dpinterfacef32.dll

Skytech

Thinknice Co. Limited

The module dpinterfacef32.dll by Thinknice Co. Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Skytech Co., Ltd.  (signed by Thinknice Co. Limited)

Product:
Skytech

Version:
3.0.2.3477

MD5:
71963c9bc54108004604eca4d5c8f5df

SHA-1:
22843b463af4fd4bb2a14ff31aeac5a995c0c9ce

SHA-256:
6dcb19d6e46cf5c0da21cf1565bccf7ccb677b02af7c219be3e6d550f7dba6c7

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 5:53:30 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
16.11.29.8

File size:
1.2 MB (1,280,624 bytes)

Product version:
3.0.2.3477

Copyright:
Skytech Copyright (C) 2013

Original file name:
WorkDll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\suptab\dpinterfacef32.dll

Digital Signature
Signed by:
Thinknice Co. Limited

Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 12:04:13 PM

Valid to:
11/27/2014 12:04:13 PM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
3/26/2014 4:15:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:BgtAltQhIptdu7MMxv2ySE8pA8OP2ABbhEGjRHTUv:i2tQhIptd8ME2WaGjRHTUv

Entry address:
0x9971F

Entry point:
FC, AC, 54, 16, 55, 3B, 41, 8C, D8, A2, E3, C7, B2, A8, 4B, DD, C7, E5, BE, 91, D5, FC, 91, AF, 7C, 81, 9A, 80, B8, DC, 04, 47, C2, 90, 15, B4, BA, D7, 7A, E6, B5, 8E, 67, BB, 87, 4F, 99, BC, 74, 28, 1A, A4, C5, F5, 72, D2, 4F, 30, 59, 88, 60, CE, 91, E3, DB, 1F, 93, 44, 72, 5B, E0, 7A, 0B, DB, BE, FF, 62, 80, B8, F4, A0, 94, F2, A3, 52, 98, DB, 51, 62, 7F, 52, EC, AA, CB, AB, 87, AF, 5D, 8B, E4, B9, 0D, AF, 86, 7A, 49, D9, 24, B9, 0E, B8, 2B, 7C, 20, 9D, 02, F3, D2, 77, EA, 42, 5D, 36, 40, 09, 9F, A9, A3...
 
[+]

Entropy:
6.2536

Code size:
940 KB (962,560 bytes)

Remove dpinterfacef32.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.