home

npshucfpay.dll

shahai Password Plugin

Chongqing Shahai Information Tech Co.,Ltd

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘UCFPAY Password Plugin’.
Publisher:
htjc  (signed by Chongqing Shahai Information Tech Co.,Ltd)

Product:
shahai Password Plugin

Version:
10.0.0.38

MD5:
7dae16a87fc978718255752dfb4f2b03

SHA-1:
dc94d1e93b92f2209bbc314d699f0ca084a4af3f

SHA-256:
e3059170ca493b4647e9fd5dfb109ec8d86c365742b1f979a6b4a7fe2113c34f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 12:38:48 PM UTC  (today)

File size:
610.3 KB (624,976 bytes)

Product version:
10.0.0.38

Copyright:
shahaiinfo. All rights reserved.

Original file name:
shahaiinfo.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\shahai\npshucfpay.dll

Digital Signature
Signed by:
Chongqing Shahai Information Tech Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
6/26/2014 8:00:00 AM

Valid to:
8/26/2015 7:59:59 AM

Subject:
CN="Chongqing Shahai Information Tech Co.,Ltd", OU=IT, O="Chongqing Shahai Information Tech Co.,Ltd", L=Chongqing, S=Chongqing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ABA7B20248A50ACD93F3A01195662E1

File PE Metadata
Compilation timestamp:
7/11/2014 11:04:30 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:ipHfvUyjMxAXlZvTco3am6EXPne/w7+A4hJo4POFxberk/kbJ6C2Q:i5mG1Co3qEPL7+Xvo4NrRJ6C2Q

Entry address:
0xE0157

Entry point:
0F, 87, 9B, BB, FF, FF, 60, 60, 9C, C7, 44, 24, 40, 3A, 4E, E5, 5B, 89, 54, 24, 04, E9, 91, 2D, 00, 00, 57, 60, E9, B2, 0C, 02, 00, F1, 99, 45, 15, 21, 6F, 89, 4C, 03, CF, BC, 9E, A7, BD, 3A, D4, CB, 8B, 8C, 4A, 6F, 03, 06, 86, AD, 23, 08, 8C, 9F, 23, 97, 5F, 26, F0, 0B, 89, BE, 96, 12, B6, E6, E1, 40, D4, CB, 69, 2C, 36, F3, 85, D8, 42, 2D, 29, D8, 92, FE, D3, 6B, 6E, 1E, 41, A4, 36, 28, F7, FE, 06, 5D, 36, 5A, 53, B9, 09, D7, 7D, 49, 68, A0, 81, F9, CA, 23, F1, B5, 0B, BD, F5, 8F, 05, B0, 8E, 55, 61, 8E...
 
[+]

Entropy:
7.8793  (probably packed)

Code size:
280 KB (286,720 bytes)

Mozilla Plugin
Name:
UCFPAY Password Plugin


Scan npshucfpay.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.