dpinterface64.dll

Skytech

Liyan Liu

The module dpinterface64.dll by Liyan Liu has been detected as adware by 11 anti-malware scanners. This file is typically installed with the program SupTab by Thinknice Co. Limited, which is a potentially unwanted software program. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modifying the browser's search and home pages.
Publisher:
Skytech Co., Ltd.  (signed by Liyan Liu)

Product:
Skytech

Version:
1.0.1.40

MD5:
cd5e356ae953ad415b7565b00e0cbd97

SHA-1:
1727dea1e7c028d11876cfc42f3553c3c6718467

SHA-256:
1bf3380c4b576d4e565ce3fadbf0d195696deeb42174d70c5344c52f8cf099fe

Scanner detections:
11 / 68

Status:
Adware

Analysis date:
12/25/2024 12:55:31 AM UTC  (today)

Scan engine | Detection | Engine version
Agnitum Outpost | Riskware.Agent | 7.1.1
Avira AntiVirus | TR/Trash.Gen | 7.11.160.46
AVG | Zhangling | 2015.0.3259
Baidu Antivirus | Adware.Win32.ELEX | 4.0.3.141021
Dr.Web | Adware.Mutabaha.50 | 9.0.1.0349
ESET NOD32 | Win64/Thinknice.F potentially unwanted application | 7.0.302.0
IKARUS anti.virus | PUA.SearchProtect | t3scan.1.7.5.0
Malwarebytes | PUP.Optional.Skytech.A | v2014.10.21.03
Reason Heuristics | PUP.LiyanLiu.N | 14.10.21.3
SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10176
VIPRE Antivirus | Threat.4788726 | 33706

File size:
104 KB (106,464 bytes)

Product version:
1.0.1.40

Copyright:
Skytech Copyright (C) 2013

Original file name:
WorkDll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\Program Files\suptab\dpinterface64.dll

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
7/22/2014 8:00:00 AM

Valid to:
7/27/2015 8:00:00 PM

Subject:
CN=Liyan Liu, O=Liyan Liu, L=Wenzhou, S=Zhejiang, C=CN

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02CA146AED05062A5F6C4AC5628BBC00

File PE Metadata
Compilation timestamp:
7/4/2014 11:45:47 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
1536:oyd3HblT8WziUalzvrR0z1g3CH18Us8fd7+Iv4+ThH3N6Udxhkt3:oyx7lTbziUAvrR0z1R7RA+F3N6U9kt3

Entry address:
0x3118

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, E7, 3B, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, 03, 00, 00, 00, CC, CC, CC, 48, 8B, C4, 48, 89, 58, 20, 4C, 89, 40, 18, 89, 50, 10, 48, 89, 48, 08, 56, 57, 41, 56, 48, 83, EC, 50, 49, 8B, F0, 8B, DA, 4C, 8B, F1, BA, 01, 00, 00, 00, 89, 50, B8, 85, DB, 75, 0F, 39, 1D, 7C, 53, 01, 00, 75, 07, 33, C0, E9, D2, 00, 00, 00, 8D, 43, FF...

Entropy:
5.7232

Code size:
47.5 KB (48,640 bytes)

The file dpinterface64.dll has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is a web browser advertisement injection extension designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and video) as well as contextual hyperlinks.
80% remove it