npsharecom64.dll

Shahai ShareCom Plugin

Nanjing Suning yifubao Network Technology Co., Ltd.

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘Shahai ShareCom Plugin’.
Publisher:
Shahai Info  (signed by Nanjing Suning yifubao Network Technology Co., Ltd.)

Product:
Shahai ShareCom Plugin

Version:
1.0.0.26

MD5:
6fa0f9bd63292f704a8dd8121459dbf1

SHA-1:
305fb5a1ef882ab8ca51b3d49b51513837984602

SHA-256:
a4fc8a9b835343e533840636a565ed019906f751e11e0c854df3bd27d1a85603

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/24/2024 12:54:10 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
19313

McAfee
Generic Obfuscated.c
5600.7055

Trend Micro House Call
Suspicious_GEN.F47V0729
7.2.277

File size:
876 KB (897,000 bytes)

Product version:
1.0.0.26

Copyright:
Shahai Info. All rights reserved.

Original file name:
npShareCom.dll

File type:
Dynamic link library (Win64 DLL)

Common path:
C:\windows\syswow64\shahai\npsharecom64.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/20/2013 8:00:00 AM

Valid to:
4/19/2016 7:59:59 AM

Subject:
CN="Nanjing Suning yifubao Network Technology Co., Ltd.", OU=yifubao, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Nanjing Suning yifubao Network Technology Co., Ltd.", L=jiangsu, S=nanjing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
678A635D718CDE7CD20189555FBBD131

Registration
CLSID:
{82B6898B-A0B5-48E2-9D35-C2DE65F2299D}

ProgID:
ShareCtrl.1.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
5/6/2014 12:25:30 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:WV1wenCbt+GDnsarYIab67kfluf5nC2Fk9uCjOi:wTSt3DssYO9ntkMC1

Entry address:
0x1A107D

Entry point:
E9, F4, 1E, 00, 00, E9, E4, 23, 00, 00, E9, 6C, 42, 01, 00, 8C, BC, BD, 2F, FC, E5, FF, 40, 8E, C1, DF, 86, A3, A6, B0, 9D, DD, 74, 2A, 2E, 7C, E3, 05, 71, 51, F2, 2E, 2B, BB, 91, F4, 80, 51, 6A, 51, 1A, 59, 13, 76, 38, FA, 54, 2F, 18, F9, 63, 56, F9, 93, BD, 79, A7, 59, ED, CA, 3B, 0D, BA, 08, 48, 4D, 02, 0A, A5, A1, 3D, FA, 8F, F3, 7E, F0, 8A, 23, 7A, 3B, BD, 25, 32, A1, 0E, 2D, 2D, 42, 66, BA, 08, 48, 39, EF, F1, 8F, 80, 73, 7F, E7, 71, 6F, 42, 44, 01, 98, F2, B6, 3D, 0C, 21, 77, 03, A9, E6, F2, D5, 1D...
 
[+]

Entropy:
7.9391

Packer / compiler:
Xtreme-Protector v1.05

Code size:
635 KB (650,240 bytes)

Mozilla Plugin
Name:
Shahai ShareCom Plugin


Scan npsharecom64.dll - Powered by Reason Core Security