home

npshsuningkbd.dll

shahai Password Plugin

Nanjing Suning yifubao Network Technology Co., Ltd.

It is installed within the Mozilla Firefox web browser as an extension/plugin as ‘shahai Password Plugin’.
Publisher:
shahaiinfo  (signed by Nanjing Suning yifubao Network Technology Co., Ltd.)

Product:
shahai Password Plugin

Version:
20.0.0.36

MD5:
562ae6a3a0c3eb78bab9db49b245befb

SHA-1:
f2b176923c7657714c53ea628f6807cfec93ae9a

SHA-256:
2b27e68dce1dde324467fc62b17131bfbd89ea9c78661596df853bd0a070c92b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:48:20 PM UTC  (today)

File size:
637.5 KB (652,792 bytes)

Product version:
20.0.0.36

Copyright:
shahaiinfo. All rights reserved.

Original file name:
shahaiinfo.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\suning\npshsuningkbd.dll

Digital Signature
Signed by:
Nanjing Suning yifubao Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/20/2013 8:00:00 AM

Valid to:
4/19/2016 7:59:59 AM

Subject:
CN="Nanjing Suning yifubao Network Technology Co., Ltd.", OU=yifubao, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Nanjing Suning yifubao Network Technology Co., Ltd.", L=jiangsu, S=nanjing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
678A635D718CDE7CD20189555FBBD131

File PE Metadata
Compilation timestamp:
4/19/2014 5:16:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:mwyN6liYAS0CB1cpqm1wbnTN/ZaqCHDvwx3Y7qXqb9iPLGXZa+GzhSK3L:7yAA9Cz8qm1w9/o/q9A9iP6JsQW

Entry address:
0x108753

Entry point:
E9, AF, 24, FF, FF, AA, 9C, 8D, 64, 24, 0C, E9, 14, E9, FE, FF, BE, 8A, 2E, 2C, 9B, 6C, 89, 37, 75, 37, 36, 4C, A7, 6F, 4E, EE, CB, 89, B2, 52, 1F, 23, 5C, 44, 4E, 1B, B9, 13, 3F, 7D, 18, 81, ED, B6, 4E, 6D, B9, A8, B5, E5, CB, CF, 4F, 18, B2, 96, F9, C5, B2, 80, 67, 25, DC, B6, 9B, 21, 36, CA, D1, 77, 22, F2, F5, 85, 19, E5, A5, B4, D2, AC, 72, 6D, EB, BA, C0, B0, 7D, 15, 50, F8, 6F, 92, 3E, 12, 20, CE, B3, C9, 67, 00, 04, EF, 92, 3A, 03, 9B, 8D, 2E, D6, BB, 8B, 88, 14, E9, E9, E6, 76, 2C, 73, 22, FD, B8...
 
[+]

Entropy:
7.8541

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
304 KB (311,296 bytes)

Mozilla Plugin
Name:
shahai Password Plugin


Scan npshsuningkbd.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.