home

npABCUtilapp.dll

npABCUtilapp

Agricultural Bank of China

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘ABCUtilapp’.
Publisher:
ABChina  (signed by Agricultural Bank of China)

Product:
npABCUtilapp

Version:
1, 0, 15, 1126

MD5:
31c74efd8a615c388acc0dd12ec9eab9

SHA-1:
bd6f7b2db46ef0487907a1da6876a8cfb162b315

SHA-256:
98e45374fc565633a9ca7fedb3a7786a2acd2d965f8b61e7ec9985bb54ad0f30

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 2:16:28 AM UTC  (today)

File size:
384.9 KB (394,088 bytes)

Product version:
1, 0, 15, 1126

Copyright:
Copyright(C) 2015 ABChina

Original file name:
npABCUtilapp.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Windows\System32\npabcutilapp.dll

Digital Signature
Signed by:
Agricultural Bank of China

Authority:
VeriSign, Inc.

Valid from:
5/4/2013 8:00:00 AM

Valid to:
5/4/2016 7:59:59 AM

Subject:
CN=Agricultural Bank of China, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Agricultural Bank of China, L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
395410384D767D7CDC6635C57A4EB5E0

Registration
CLSID:
{8D5DF7F6-ABD3-4d72-A68A-76631F5B1436}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
11/26/2015 11:11:02 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:UFl0iUucZNgAIXE7MkuLWT0m52byV8Y7V9E0vnvR9e+/+20Pb:UFl8JI07aCTKY7ViwnvR9J220P

Entry address:
0x9F958

Entry point:
E9, 0D, CF, 00, 00, 00, 00, 4C, 6F, 61, 64, 4C, 69, 62, 72, 61, 72, 79, 41, 00, E9, FF, A6, 00, 00, 48, 89, F4, E9, 40, D6, FD, FF, C5, C7, B9, E6, 7A, 2A, D3, CB, 43, 69, 43, 65, 33, BB, CB, F7, D3, F1, 93, 05, C3, D3, FB, A1, 8B, 35, AB, 13, C3, FB, 9B, 27, 43, 67, 4B, 4F, 73, 61, 73, 4F, 3B, 7B, F3, C9, 53, 65, 03, BD, 53, 73, ED, 61, FE, 4B, 19, AC, 10, 38, 70, 7E, 00, BE, 7C, 9A, 98, 6E, F1, 1C, A7, 1F, 87, 10, FF, EE, E2, 3A, 72, 46, DA, CE, 0D, C7, 45, 67, CC, 2A, B6, CD, 2A, DA, F2, B2, 6C, 15, 34...
 
[+]

Entropy:
7.9034

Packer / compiler:
Xtreme-Protector v1.05

Code size:
213.5 KB (218,624 bytes)

Mozilla Plugin
Name:
ABCUtilapp


Scan npABCUtilapp.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.