bhoenabler.exe

Zhang Ling

The application bhoenabler.exe by Zhang Ling has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Zhang Ling  (signed and verified)

MD5:
9c32e65bd1e4688542e946a1bd595e25

SHA-1:
afb95723b245eb95106ec407d2443be30426c079

SHA-256:
ed441f52db1bec88f1dd828671e7aa71073166c7d69e012c3f960f348f03c098

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 12:13:56 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ZhangLing.K
14.8.26.5

File size:
66.9 KB (68,488 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\suptab\bhoenabler.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
8/20/2014 3:03:49 PM

Valid to:
6/20/2015 3:03:49 PM

Subject:
CN=Zhang Ling, E=chloezhangling@gmail.com, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
33D813964B450F4902EA98231C8EF97E

File PE Metadata
Compilation timestamp:
7/17/2014 2:10:54 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:s617HY3GZd3ud+Y2jMGov+5LhBhPbhSabax:7fuZ2jMGouLhjPbhM

Entry address:
0x988E

Entry point:
E8, 4E, 04, 00, 00, E9, 4C, FE, FF, FF, 55, 8B, EC, FF, 15, 3C, B0, 40, 00, 6A, 01, A3, 14, E4, 40, 00, E8, 41, 05, 00, 00, FF, 75, 08, E8, 3F, 05, 00, 00, 83, 3D, 14, E4, 40, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 27, 05, 00, 00, 59, 68, 09, 04, 00, C0, E8, 28, 05, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 39, 05, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, F8, E1, 40, 00, 89, 0D, F4, E1, 40, 00, 89, 15, F0, E1, 40, 00, 89, 1D, EC, E1, 40, 00, 89, 35, E8, E1, 40, 00, 89, 3D, E4...
 
[+]

Entropy:
6.0262

Code size:
38.5 KB (39,424 bytes)

The file bhoenabler.exe has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.
80% remove it
 
Powered by Should I Remove It?

Remove bhoenabler.exe - Powered by Reason Core Security