home

npshsuningkbd64.dll

shahai Password Plugin

Nanjing Suning yifubao Network Technology Co., Ltd.

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘shahai Password Plugin’.
Publisher:
shahaiinfo  (signed by Nanjing Suning yifubao Network Technology Co., Ltd.)

Product:
shahai Password Plugin

Version:
20.0.0.36

MD5:
7fbb585ea4760c54ad7ac163d9c525af

SHA-1:
5e47a12462e33ac6acdcd1789f283b6f51701536

SHA-256:
8a0446c97f975f0ce0248cf657574c489fd3d5be88c5ff6a2c012f12afbf8867

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 4:44:11 AM UTC  (today)

Scan engine
Detection
Engine version

McAfee
Generic Obfuscated.c
5600.7034

File size:
734 KB (751,608 bytes)

Product version:
20.0.0.36

Copyright:
shahaiinfo. All rights reserved.

Original file name:
shahaiinfo.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\windows\syswow64\suning\npshsuningkbd64.dll

Digital Signature
Signed by:
Nanjing Suning yifubao Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/20/2013 8:00:00 AM

Valid to:
4/19/2016 7:59:59 AM

Subject:
CN="Nanjing Suning yifubao Network Technology Co., Ltd.", OU=yifubao, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Nanjing Suning yifubao Network Technology Co., Ltd.", L=jiangsu, S=nanjing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
678A635D718CDE7CD20189555FBBD131

Registration
CLSID:
{943CECBA-291B-47f5-983E-07050A7F56DC}

ProgID:
ATL2.MyEditBox.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/19/2014 5:17:31 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:I8NyonhwcWB2Pk6ifOIrRyzJ6+fy5R09ybmFFKajXBqYcvRBrt5RzenW6VtNJwWd:I8ThTWYPkffOWwzzdgajxTcvRPzy3NJh

Entry address:
0x1A4AFD

Entry point:
E9, 02, 26, FB, FF, 16, 3C, 89, 95, C1, E5, FF, A6, F4, 59, EE, 66, 2C, 82, B0, A7, 2D, 20, 5A, FA, D3, 9D, EF, 6B, 84, CC, EA, CD, B6, 9D, 27, 50, 7B, CF, A4, C5, 88, C1, B6, 0C, FB, B1, 6F, D7, 64, E7, 81, D0, CE, 83, 9B, 14, 83, 3A, 41, B6, 7F, 95, E3, 72, 64, 04, 6E, 9A, 64, 00, 0D, 15, 81, 7E, F3, 7A, F6, C3, 60, C5, 29, 42, 90, B4, 75, E0, 29, 41, 39, A8, 19, 67, C1, C3, 88, 19, 01, 7F, EB, 2D, 7E, 15, B1, 5A, 0D, 80, F1, 76, A5, 33, E8, 8E, 31, CB, D0, 5C, FB, DE, 8E, 43, 5A, AB, E4, FF, E0, 01, 50...
 
[+]

Entropy:
7.9224

Packer / compiler:
Xtreme-Protector v1.05

Code size:
372.5 KB (381,440 bytes)

Mozilla Plugin
Name:
shahai Password Plugin


Scan npshsuningkbd64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.