home

npshucfpay64.dll

shahai Password Plugin

Chongqing Shahai Information Tech Co.,Ltd

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘UCFPAY Password Plugin’.
Publisher:
htjc  (signed by Chongqing Shahai Information Tech Co.,Ltd)

Product:
shahai Password Plugin

Version:
10.0.0.38

MD5:
3c8effd180bcdd81e23f3a07959f8a06

SHA-1:
8954059baa6c69bcfde58d02f9361d8e373163ac

SHA-256:
8f7dabda95858d67d5d85f95b287825b5a33d5bdf0505fd3438b74f8677c1d41

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 2:45:59 PM UTC  (today)

File size:
695.8 KB (712,528 bytes)

Product version:
10.0.0.38

Copyright:
shahaiinfo. All rights reserved.

Original file name:
shahaiinfo.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\windows\syswow64\shahai\npshucfpay64.dll

Digital Signature
Signed by:
Chongqing Shahai Information Tech Co.,Ltd

Authority:
VeriSign, Inc.

Valid from:
6/26/2014 8:00:00 AM

Valid to:
8/26/2015 7:59:59 AM

Subject:
CN="Chongqing Shahai Information Tech Co.,Ltd", OU=IT, O="Chongqing Shahai Information Tech Co.,Ltd", L=Chongqing, S=Chongqing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ABA7B20248A50ACD93F3A01195662E1

Registration
CLSID:
{598BD8F9-CE1C-4b52-9C0E-6EA55E2371A7}

ProgID:
ATL2.MyEditBox.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
7/11/2014 10:59:44 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:ZJea/Pcu9SQ6o/Xom8LEC14CgHOGQOs/DDEtQpjaIj9iZv6JuM5lsBMFpPDrZX2y:HeqzSlcX7Gus//o6Xj9iZv8uOlswXd2y

Entry address:
0xE9A4A

Entry point:
E9, 52, 46, 00, 00, 68, 7E, F0, C3, 95, E9, CF, 7F, 00, 00, E9, B1, 7F, 05, 00, F5, F8, F5, 85, FF, E9, 9F, 7A, 00, 00, F5, 8B, 3C, 8F, 38, D1, 85, FF, E9, 69, 3E, 00, 00, 0F, 83, ED, 2D, 02, 00, A8, 4B, F5, 3D, 7F, 00, 00, 00, E9, 4F, 0F, 00, 00, 90, B3, 8B, 97, 72, F1, FF, A8, F6, 4E, EF, 79, EC, D2, 11, B0, 2D, 20, 5A, 00, BC, 94, B9, 9D, 2E, 1C, 57, 19, 87, E0, 6F, 00, 97, E1, F3, 66, 80, D0, C5, 8E, 22, 30, 8B, E7, CB, 9A, 5C, F1, 55, 17, F2, 1F, 5A, 71, FC, 92, 03, 38, A7, 0E, 63, E2, D0, D5, 17, B3...
 
[+]

Entropy:
7.9192

Packer / compiler:
Xtreme-Protector v1.05

Code size:
340.5 KB (348,672 bytes)

Mozilla Plugin
Name:
UCFPAY Password Plugin


Scan npshucfpay64.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.