home

zkbplugin.1.1.0.13.dll

折扣宝

ShenZhen TaiHe Capital co. ltd

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘ÕÛ¿Û±¦ä¯ÀÀÆ÷°ïÖú¶ÔÏó’.
Publisher:
微聚科技工作室  (signed by ShenZhen TaiHe Capital co. ltd)

Product:
折扣宝

Description:
折扣宝浏览器帮助对象

Version:


MD5:
e3c8e5ad571655c6d7c21b2a93bb8bef

SHA-1:
f21e707cbbf03c85c5297c8011e1a02001f64417

SHA-256:
566d6d9e78966c3aa5fc4445f3762347556474d8abfcb0d7d104c18b8ae63bfd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:09:06 AM UTC  (today)

File size:
135.7 KB (138,920 bytes)

Product version:


Copyright:
(C) 微聚科技工作室。保留所有权利。

Original file name:
ZKBPlugin.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, China)

Common path:
C:\Program Files\zhekoubao\zkbplugin.1.1.0.13.dll

Digital Signature
Signed by:
ShenZhen TaiHe Capital co. ltd

Authority:
Thawte, Inc.

Valid from:
3/14/2011 8:00:00 PM

Valid to:
3/14/2012 7:59:59 PM

Subject:
CN=ShenZhen TaiHe Capital co. ltd, OU=RD, O=ShenZhen TaiHe Capital co. ltd, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
40F03463EFFB186AAB2BB60FD3B7166A

File PE Metadata
Compilation timestamp:
10/18/2011 5:19:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:2Qw/NcKUjqVSrQr1DjPOTOK+Ssq1wTHh2S:rw/Cvq71fOTOKJsHtr

Entry address:
0xE187

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 1B, 40, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, C1, 8B, 4D, 08, C7, 00, 04, 82, 01, 10, 8B, 09, 89, 48, 04, C6, 40, 08, 00, 5D, C2, 08, 00, 8B, 41, 04, 85, C0, 75, 05, B8, 0C, 82, 01, 10, C3, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 57, 8B, F9, 74, 2D, 56, FF, 75, 08, E8, C5, 40, 00, 00, 8D, 70, 01, 56, E8, 4D, F1, FF, FF, 59, 59, 89, 47, 04, 85, C0, 74, 11, FF, 75, 08, 56, 50, E8, 46, 40, 00, 00...
 
[+]

Entropy:
6.3803

Code size:
86 KB (88,064 bytes)

Internet Explorer BHO
Display name:
ÕÛ¿Û±¦ä¯ÀÀÆ÷°ïÖú¶ÔÏó

CLSID:
{4753D94A-76F9-4AAD-9354-5C0AC3E383F1}


Scan zkbplugin.1.1.0.13.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.