home

npdzzoerunner.dll

Dzzoe Plugin

BOENSI S&T Development Co., Ltd.

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Precognition’.
Publisher:
魔法桌面(北京)软件有限公司  (signed by BOENSI S&T Development Co., Ltd.)

Product:
Dzzoe Plugin

Description:
魔法桌面浏览器组件

Version:
3,1,0,1

MD5:
65074b68ca1d37aef7c65395304f5331

SHA-1:
46e99b72e2832082b043041ad9a4ed70d362619c

SHA-256:
d239a24094acda496d2073817386dd5b99b109535f9124f3c6315ca6362256c1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 1:26:32 PM UTC  (today)

File size:
614.3 KB (629,064 bytes)

Product version:
3,1,0,1

Copyright:
魔法桌面(北京)软件有限公司. All rights reserved.

Original file name:
npdzzoerunner.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\???????\mofa_v3.1.1\npdzzoerunner.dll

Digital Signature
Signed by:
BOENSI S&T Development Co., Ltd.

Authority:
WoSign, Inc.

Valid from:
2/16/2011 8:00:00 AM

Valid to:
2/17/2012 7:59:59 AM

Subject:
CN="Magic Desktop S&T Development Co., Ltd.", OU=WoSign Class 3 Code Signing, O="BOENSI S&T Development Co., Ltd.", L=Tianjin, S=Tianjin, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
00E8E82F4DD3B9EDB9F5DE24677373B2A1

File PE Metadata
Compilation timestamp:
1/19/2012 7:13:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
6144:mTf7NIWa+s6IrifxvqJ/aKuirpkuCJ0DuXX762qSJlwZv:mTf7NIQs6IrifxCgsVfDun7SqW

Entry address:
0x38FAA

Entry point:
E9, 0C, D5, 03, 00, E9, 7C, 4E, 01, 00, E9, 17, 8E, 03, 00, E9, 44, D3, 06, 00, E9, DF, B6, 03, 00, E9, 18, 0E, 01, 00, E9, F3, DA, 00, 00, E9, 9E, 88, 00, 00, E9, 89, F6, 00, 00, E9, 12, 18, 06, 00, E9, DF, 39, 03, 00, E9, B2, D3, 06, 00, E9, 75, FE, 04, 00, E9, E0, E2, 02, 00, E9, F6, CF, 06, 00, E9, 29, D8, 03, 00, E9, 41, 32, 01, 00, E9, D5, 4B, 05, 00, E9, D7, 14, 03, 00, E9, 12, 6C, 02, 00, E9, A5, 33, 04, 00, E9, 58, 9B, 01, 00, E9, A3, CD, 00, 00, E9, B2, 9F, 03, 00, E9, 29, DD, 02, 00, E9, F1, C9...
 
[+]

Entropy:
5.7628

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
476 KB (487,424 bytes)

Internet Explorer BHO
Display name:
Precognition

CLSID:
{1722EAFF-08C2-4a92-9A99-8E4BCD8312B3}


Scan npdzzoerunner.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.