home

npdzzoerunner.dll

Dzzoe Plugin

Magic Desktop S&T Development Co., Ltd.

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Precognition’.
Publisher:
魔法桌面(北京)软件有限公司  (signed by Magic Desktop S&T Development Co., Ltd.)

Product:
Dzzoe Plugin

Description:
魔法桌面浏览器组件

Version:
3,1,6,1

MD5:
196813e9b00fca6e0652ea482a220445

SHA-1:
26c6e973760008d66bf8bc7755fbbb5181d561a1

SHA-256:
eebd4f1be979407fe1b56343e3b598acfddbc772617b65a45b4f554c3766fc76

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:34:54 AM UTC  (today)

File size:
621.4 KB (636,304 bytes)

Product version:
3,1,6,1

Copyright:
魔法桌面(北京)软件有限公司. All rights reserved.

Original file name:
npdzzoerunner.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\藹楊袤醱藝趙卼\mofa_v3.1.8\npdzzoerunner.dll

Digital Signature
Signed by:
Magic Desktop S&T Development Co., Ltd.

Authority:
WoSign eCommerce Services Limited

Valid from:
2/14/2012 4:06:00 AM

Valid to:
2/14/2013 9:38:22 PM

Subject:
E=xing555@netease.com, CN="Magic Desktop S&T Development Co., Ltd.", O="Magic Desktop S&T Development Co., Ltd.", L=Tianjin, S=Tianjin, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
09EA0187F2DF59

File PE Metadata
Compilation timestamp:
6/21/2012 9:59:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
6144:3rSsVBOVCLhKWOpDJSnRwRyKy5vlyDVJHaLAK+FwNPJk7teO2aQDnlaCk:3rSGBOVCLhKWOpdSnYCkzK+GAte2iDk

Entry address:
0x38FAA

Entry point:
E9, EC, D7, 03, 00, E9, BC, 4F, 01, 00, E9, F7, 90, 03, 00, E9, 24, D6, 06, 00, E9, BF, B9, 03, 00, E9, D8, 0E, 01, 00, E9, B3, DB, 00, 00, E9, 5E, 89, 00, 00, E9, 49, F7, 00, 00, E9, F2, 1A, 06, 00, E9, BF, 3C, 03, 00, E9, 92, D6, 06, 00, E9, 55, 01, 05, 00, E9, C0, E5, 02, 00, E9, D6, D2, 06, 00, E9, 09, DB, 03, 00, E9, 81, 33, 01, 00, E9, 50, D9, 06, 00, E9, B0, 4E, 05, 00, E9, B2, 17, 03, 00, E9, ED, 6E, 02, 00, E9, 80, 36, 04, 00, E9, 93, 9C, 01, 00, E9, 5E, CE, 00, 00, E9, 8D, A2, 03, 00, E9, 04, E0...
 
[+]

Entropy:
5.7649

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
476 KB (487,424 bytes)

Internet Explorer BHO
Display name:
Precognition

CLSID:
{1722EAFF-08C2-4a92-9A99-8E4BCD8312B3}


Scan npdzzoerunner.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.