suptabp.exe

Thinknice Co. Limited

The application suptabp.exe by Thinknice Co. Limited has been detected as adware by 9 anti-malware scanners. It is also typically executed from the user's temporary directory.
Publisher:
Thinknice Co. Limited  (signed and verified)

MD5:
763d8c9fabd915933f3754c72cbae21b

SHA-1:
e9486fa448d24118c54f2944c2da3db9892ac155

SHA-256:
5cb5b876d2d264d8dc8893befe5867fdc3ce33c247e6b5411a3861b1cfc8da7a

Scanner detections:
9 / 68

Status:
Adware

Analysis date:
4/24/2024 8:28:04 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Baidu Antivirus | Adware.Win32.Elex | 4.0.3.1447 |
| Dr.Web | Trojan.Inject2.334 | 9.0.1.097 |
| ESET NOD32 | Win32/ELEX.AD (variant) | 8.9647 |
| Malwarebytes | PUP.Optional.SupTab.A | v2014.04.07.05 |
| McAfee | Artemis!01C611CD008F | 5600.7167 |
| Reason Heuristics | PUP.ThinkniceCoLimited.H | 14.3.20.14 |
| Sophos | Elex | 4.98 |
| Trend Micro House Call | TROJ_GE.A74D8328 | 7.2.97 |
| Vba32 AntiVirus | BScope.Trojan-Dropper.Injector | 3.12.26.0 |

File size:
2.7 MB (2,878,040 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\suptabp.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 7:34:13 AM

Valid to:
11/27/2014 7:34:13 AM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
3/22/2010 1:59:20 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:Y6abIyUCcF8yG8XGQFbBcEwPR62yULKeHh8CNYkedFVbJpdnplkSVkj:kE6cFBGKqbs2NXHyoboFldnplkSe

Entry address:
0x114A

Entry point:
E9, F1, 55, 00, 00, E9, 0C, 95, 00, 00, E9, 47, B9, 00, 00, E9, 52, 99, 00, 00, E9, AD, 94, 00, 00, E9, C8, A9, 00, 00, E9, 43, 9A, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
Packer / compiler:
Xtreme-Protector v1.05

Code size:
62 KB (63,488 bytes)