home

npcombrg701.dll

iTrusChina iTrusPTA,XEnroll,iEnroll,hwPTA,UKeyInstalls Firefox Plugin

iTrusChina Co.,Ltd.

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘@alipay.com/NPComBrg701,version=1.0.2011.701’.
Publisher:
iTrusChina  (signed by iTrusChina Co.,Ltd.)

Product:
iTrusChina iTrusPTA,XEnroll,iEnroll,hwPTA,UKeyInstalls Firefox Plugin

Description:
iTrusPTA&XEnroll hwPTA,IEnroll,UKeyInstalls for FireFox,version=1.0.0.2

Version:
1, 0, 2011, 701

MD5:
fe577603245ddb00cc9474b1328817e5

SHA-1:
1d85c3b92153928f83ff52ec02014ffc5caabadf

SHA-256:
497fadf12e54571051e88f79d3e2a0f6291fb05deb5b36c55726394152463854

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 1:10:15 AM UTC  (today)

File size:
77.9 KB (79,768 bytes)

Product version:
1, 0, 2011, 701

Copyright:
Copyright ? 1999

Original file name:
NPComBrg.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Windows\System32\itruscert\npcombrg701.dll

Digital Signature
Signed by:
iTrusChina Co.,Ltd.

Authority:
VeriSign, Inc.

Valid from:
2/19/2009 8:00:00 AM

Valid to:
2/27/2012 7:59:59 AM

Subject:
CN="iTrusChina Co.,Ltd.", OU=CA Center, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="iTrusChina Co.,Ltd.", L=beijing, S=beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
450A13ADB7C11A42A76C6C1653664E93

File PE Metadata
Compilation timestamp:
7/6/2011 1:43:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:uGHOr5qDE5Rby8hUpgVT7KEusfc7OiCAho83j6jsqiB9mKLZcUkYetWXiu4EIAO8:7HIu+TVT7p07O0oGPhJotWXr3O6j

Entry address:
0x2AC0

Entry point:
55, 8B, EC, 53, 8B, 5D, 08, 56, 8B, 75, 0C, 57, 8B, 7D, 10, 85, F6, 75, 09, 83, 3D, 8C, E1, 00, 10, 00, EB, 26, 83, FE, 01, 74, 05, 83, FE, 02, 75, 22, A1, 98, F8, 00, 10, 85, C0, 74, 09, 57, 56, 53, FF, D0, 85, C0, 74, 0C, 57, 56, 53, E8, E7, FE, FF, FF, 85, C0, 75, 04, 33, C0, EB, 4E, 57, 56, 53, E8, 1B, 26, 00, 00, 83, FE, 01, 89, 45, 0C, 75, 0C, 85, C0, 75, 37, 57, 50, 53, E8, C3, FE, FF, FF, 85, F6, 74, 05, 83, FE, 03, 75, 26, 57, 56, 53, E8, B2, FE, FF, FF, 85, C0, 75, 03, 21, 45, 0C, 83, 7D, 0C, 00...
 
[+]

Entropy:
5.2101

Developed / compiled with:
Microsoft Visual C++

Code size:
36 KB (36,864 bytes)

Mozilla Plugin
Name:
@alipay.com/NPComBrg701,version=1.0.2011.701


The file npcombrg701.dll has been discovered within the following program.

360Chrome  by 360 Safe Center
360 Chrome is a browser made by chinese company Qihoo 360.
About 3% of users remove it
 
Powered by Should I Remove It?

Scan npcombrg701.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.