home

SQWebAssist.dll

Zaihong

载鸿贸易(上海)有限公司

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘SQSoft Assistant’.
Publisher:
ZaihongSoft  (signed by 载鸿贸易(上海)有限公司)

Product:
Zaihong

Description:
SQWebAssist

Version:
1.0.2

MD5:
37f89e44415cd8cd30401b95b2edbcf3

SHA-1:
033d3889ccca1d07dacd7997b28268ebe3d3fe72

SHA-256:
c1baf4499d60e46dba3e7f6b63a16cdaedbe4ec43431b67b457376049e4ce91f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/13/2025 4:02:42 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
PUA.Bang5mai
t3scan.2.0.3.0

File size:
819.6 KB (839,240 bytes)

Product version:
1.0.2

Copyright:
Copyright (C) 2015 ZaihongSoft

Original file name:
SQWebAssist.dll

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\sq\plugin\sqwebassist.dll

Digital Signature
Signed by:
载鸿贸易(上海)有限公司

Authority:
WoSign CA Limited

Valid from:
12/4/2015 10:46:36 AM

Valid to:
12/4/2017 10:46:36 AM

Subject:
CN=载鸿贸易(上海)有限公司, O=载鸿贸易(上海)有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
2BDD19C54B3A82C664EBB50815E72D83

Registration
CLSID:
{7635D349-624A-4CED-9FEA-94C04A564BF1}

COM registered:
Yes

File PE Metadata
Compilation timestamp:
1/5/2016 7:26:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:bc4xSLquTpioJOd+vvaDW1lYNuCBsKbN5c+J5AejDSK9TZWx1YKpCqwxxND5T:ZSLqQHKIMN57DA+t9TZ+pCqwx7D5T

Entry address:
0x417E4

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, F6, 9E, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 20, B1, 0B, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 20, B1, 0B, 10, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF...
 
[+]

Entropy:
6.7481

Code size:
503.5 KB (515,584 bytes)

Internet Explorer BHO
Display name:
SQSoft Assistant

CLSID:
{7635D349-624A-4CED-9FEA-94C04A564BF1}

CLSID name:
SQSoft BHO Assistant


Scan SQWebAssist.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.