home

Chongqing Shahai Information Tech Co.,Ltd

Publisher Information

Chongqing Shahai Information Tech Co.,Ltd is a software developer located in Beijing, China*. Thre are 5 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
4/12/2012 8:00:00 AM

Valid to:
6/12/2013 7:59:59 AM

Subject:
CN="Chongqing Shahai Information Tech Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Chongqing Shahai Information Tech Co.,Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
313648fd9fef848c2c3f4c6387b94aaf

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Zillya! Antivirus
Trojan.FarfliCRTD.Win32.1676, Trojan.Jumpta.Win32.2
50.00%

ESET NOD32
Win32/Kuping.B potentially unwanted application, Win32/Agent.XXZ trojan
37.50%

K7 AntiVirus
Adware , Trojan
37.50%

ESET NOD32
Win32/Kuping.K potentially unwanted (variant), Win32/Kuping.B potentially unwanted (variant), Win32/Agent.VNF (variant)
37.50%

AegisLab AV Signature
Troj.W32.Gobot.mqkp, Troj.W32.Jumpta!c
37.50%

IKARUS anti.virus
PUA.Kuping, Trojan.Win32.Jumpta
37.50%

Qihoo 360 Security
Trojan.Generic, Trojan.Adware.Win32.Agent.AV
37.50%

Avira AntiVirus
PUA/Kuping.Gen, TR/Semsubim.jwoj
25.00%

AVG
Win32/Blacked, Agent4
25.00%

Bkav FE
W32.Clodc2e.Trojan
12.50%

1 / 68
intel.sys  (e5a5f8892a1ebe9c2c56e3b43001e65d)

0 / 68
2.dat  (0d080eb79eb9f39cca14bb7231629191)

0 / 68
intel.sys  (812b039c06319aee86ad119a03f9856a)

0 / 68
npshbsbank.dll (shahai Password Plugin by shahaiinfo)  (2bb5c7861c50c4558d0c3d7d977b451f)

0 / 68
shbsb.sys  (d446cbc3fc3f31ebcea059cadb7b6725)

0 / 68
hbb_pwd.exe  (dbc48bfcfb658816204ec6d47d043527)

0 / 68
intel.sys  (ca815e9bea8cf808ad8acd496ecf1705)

30 / 68    (PUP)
svchost.exe  (8e45ea84863b1373557f413c3410c0ba)

0 / 68
passprotect.sys  (3da24e62f5d5615f3fc1206fa31467e5)

0 / 68
uninstkeyboard.exe (UninstUt by Bank of Woori)  (667f190ee61d6bfc7291a93cdfa7b0e5)

0 / 68
im.exe  (cb162b0e2e1de4bcdca855118dde9329)

0 / 68
leg904_en_d.exe  (ce47367406290aeeb4ea570cb01665b5)

0 / 68
ybccbassistcheckcom_x64.dll (YBCCB)  (02f4d166944d9ff55af52da408235c01)

0 / 68
ybccbassistcheckcom.dll (YBCCB)  (682864afebf3947e91b225ce2ed3da45)

1 / 68
rl6grpfcg0.sys  (9dfe7709ff0396095d767d6efd56b644)

0 / 68
npshhanabank.dll (shahai hana Password Plugin by shahaiinfo)  (6a909c90c296f83ec93a4a5dd0cd3587)

0 / 68
shhanabank64.sys  (9901fd26c235cc57d335f05f7a581129)

0 / 68
广西北部湾银行网银助手.exe (BankofBBG_Assist by Shahaiinfo)  (38ad2167c84534bef39715ed507ea660)

0 / 68
exceptionhandler.dll  (5e4bc0fed85140fd7dd066555315bfcf)

0 / 68
shbbwbank.sys  (c7b5787be8685a4b6e78974c2d44ace4)

0 / 68
hidtmup.dat (livtdio)  (ad58696f17a674598b78805679e1686d)

0 / 68
hidpata.dll  (cf83ed40c85787ae43e456dfb20b46d2)

6 / 68      (PUP)
LegendChiYue.EXE  (82da6cdbca2344f051a56b28644fdea1)

0 / 68
npshhanabank.dll (shahai hana Password Plugin by shahaiinfo)  (511ac35f7cf2e9deb08c06b87cd79f4e)

0 / 68
shhanabank.sys  (f8452a580bfd4bdb6474873a59a902d5)

0 / 68
qqpcdetector.dll  (a2addcfa7c4e101c60142d543f37da0a)

0 / 68
shsrcb.sys  (8c44eefb2a4c9a4d9d7dd9bf80e77479)

0 / 68
shzjrcb.sys  (27f1bd296f13e7aa7c698d0adeaf3f7a)

0 / 68
npshhbbank.dll (shahai Password Plugin by shahaiinfo)  (a31158c96c5518a9394e58e80469a3b1)

0 / 68
npshhbbank64.dll (shahai Password Plugin by shahaiinfo)  (5f8d529aa1be443c319e4f4434e78f69)

 
Latest 30 of 75 files

The certificates below are also signed by Chongqing Shahai Information Tech Co.,Ltd.

766B48CD353CE244081433E07C2678AB  (Feb 18, 2016 to Sep 11, 2016)

48C3DC72FE59B29E68DD8B4C8E454AD9  (Jun 12, 2015 to Sep 11, 2016)

7ABA7B20248A50ACD93F3A01195662E1  (Jun 26, 2014 to Aug 26, 2015)

71825A61C6D3DB1C677B6F98174E44F8  (May 13, 2013 to Jul 13, 2014)

6144B2B7D044E8CE85A337E29A775AA9  (May 27, 2011 to May 11, 2012)

* Note, the details and description above are based on the code signing digital signature issued to Chongqing Shahai Information Tech Co.,Ltd by VeriSign, Inc. on April 12, 2012 with the serial number '313648fd9fef848c2c3f4c6387b94aaf'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.