» suptab.dll
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

suptab.dll

SupTab

Thinknice Co. Limited

The module suptab.dll, “SupTab setup package” by Thinknice Co. Limited has been detected as adware by 14 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘IETabPage Class’. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.

File name:

suptab.dll

Publisher:

Thinknice Co. Limited (signed and verified)

Product:

SupTab

Description:

SupTab setup package

Version:

2.8.8.295

MD5:

7f8177497daea4e9d6800cc17186c7a5

SHA-1:

d900e7a2c4bec4703960cfac1b7f534858c113c4

SHA-256:

3d27085b1bd3decf9d32f2a6b1863b0cdf5cd6d2bef1f170f713afb03777e69e

Scanner detections:

14 / 68

Status:

Adware

Analysis date:

4/23/2024 5:56:27 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Agent

7.1.1

Baidu Antivirus

Adware.Win32.Agent

4.0.3.14620

Dr.Web

Adware.Toolbar.244

9.0.1.0171

ESET NOD32

Win32/Thinknice.B potentially unwanted application

7.0.302.0

G Data

Win32.Application.SubTab

14.6.24

IKARUS anti.virus

PUA.SubTab

t3scan.1.6.1.0

Kaspersky

not-a-virus:AdWare.Win32.Agent

15.0.0.463

Malwarebytes

PUP.Optional.SupTab.A

v2014.06.20.09

Qihoo 360 Security

HEUR/Malware.QVM30.Gen

1.0.0.1015

Reason Heuristics

PUP.Installer.ThinkniceCoLimited.G

14.6.20.21

Total Defense

Win32/Tnega.FRHZcHB

37.0.10831

Trend Micro House Call

TROJ_GEN.F47V0509

7.2.171

Trend Micro

ADW_BHO

10.465.20

Vba32 AntiVirus

AdWare.Agent

3.12.26.3

File size:

501.6 KB (513,648 bytes)

Product version:

2.8.8.295

Original file name:

setup.exe

File type:

Dynamic link library (Win32 DLL)

Language:

English (United Kingdom)

Common path:

C:\Program Files\suptab\suptab.dll

Digital Signature

Signed by:

Thinknice Co. Limited

Authority:

GlobalSign nv-sa

Valid from:

11/25/2013 10:34:13 PM

Valid to:

11/26/2014 10:34:13 PM

Subject:

CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata

Compilation timestamp:

5/8/2014 12:25:15 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:zBlPU/7JDnHzYm71xOp82oNCH1AeOa1Tk1nV3oOerOKJR:9VUhn6oEVdnuVherOqR

Entry address:

0x228D4

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C5, C6, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, C0, 16, 06, 10, E8, CD, 5E, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 80, A5, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 7C, 5A, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Entropy:

6.0702

Developed / compiled with:

Microsoft Visual C++

Code size:

325.5 KB (333,312 bytes)

Internet Explorer BHO

CLSID:

{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

CLSID name:

IETabPage Class

The file suptab.dll has been discovered within the following program.

SupTab by Thinknice Co. Limited

SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.

80% remove it

Remove suptab.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.