» spappsv64.dll
Overview
Analysis
File Details
Programs (1)

spappsv64.dll

1.0.3.128

Thinknice Co. Limited

The module spappsv64.dll by Thinknice Co. Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.

File name:

spappsv64.dll

Publisher:

Skytech Co., Ltd. (signed by Thinknice Co. Limited)

Product:

1.0.3.128

Description:

Skytech

Version:

1.0.3.128

MD5:

21044ad2e0588f68f311a22e508e5ab5

SHA-1:

abf79312235533707d351aaf190c354781357d92

SHA-256:

de4712aa88128036e6e94bb0625fba43807b1f498c2664882b40e9f6c3a6c098

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/24/2024 7:33:17 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ThinkniceCoLimited.J

14.4.1.12

File size:

529.6 KB (542,320 bytes)

Product version:

1.0.3.128

Original file name:

SProtect.dll

File type:

Dynamic link library (Win64 DLL)

Language:

Chinese

Common path:

C:\Program Files\suptab\spappsv64.dll

Digital Signature

Signed by:

Thinknice Co. Limited

Authority:

GlobalSign nv-sa

Valid from:

11/26/2013 12:34:13 AM

Valid to:

11/27/2014 12:34:13 AM

Subject:

CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata

Compilation timestamp:

3/25/2014 6:08:09 AM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:FYw5RlensghNudsEEVN+2zl80K8SgTTuTRkSwsud4M5VF1cUXjos4h9:9ensghNuONdl7SUf4M7F1cU019

Entry address:

0x22C28

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 4F, 84, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, BC, BF, 05, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF... 
[+]

Entropy:

4.8651

Code size:

240 KB (245,760 bytes)

The file spappsv64.dll has been discovered within the following program.

SupTab by Thinknice Co. Limited

SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.

80% remove it

Remove spappsv64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.