home

SQWebAssist.dll

Zaihong

载鸿贸易(上海)有限公司

It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘SQSoft Assistant’.
Publisher:
ZaihongSoft  (signed by 载鸿贸易(上海)有限公司)

Product:
Zaihong

Description:
SQWebAssist

Version:
1.0.3

MD5:
2bb9ebd582ae937e2fdfa2e7c823bed9

SHA-1:
77b085cba3c0ef9c81ae90b0c873b6b7b7adfbd6

SHA-256:
f484748d6dcaf044845858983a13ee52dd105f8b310e2cc97c6613c9c40b96f4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
1/13/2025 3:50:18 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
PUA.Bang5mai
t3scan.2.0.7.0

File size:
822.1 KB (841,800 bytes)

Product version:
1.0.3

Copyright:
Copyright (C) 2015 ZaihongSoft

Original file name:
SQWebAssist.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\sq\plugin\sqwebassist.dll

Digital Signature
Signed by:
载鸿贸易(上海)有限公司

Authority:
WoSign CA Limited

Valid from:
12/4/2015 4:46:36 AM

Valid to:
12/4/2017 4:46:36 AM

Subject:
CN=载鸿贸易(上海)有限公司, O=载鸿贸易(上海)有限公司, L=上海市, S=上海市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
2BDD19C54B3A82C664EBB50815E72D83

File PE Metadata
Compilation timestamp:
1/22/2016 11:58:00 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:wm2xI+8zX/lsHyVy6JOk+S9VDWtDn11pxplXBgHxN+QBHLudK9T/7Wx1YKnmPuQe:sn8zX0mcktIHXuRFLP9TT+nmPgy4

Entry address:
0x42B14

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 66, 9E, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 30, C1, 0B, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 30, C1, 0B, 10, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF...
 
[+]

Entropy:
6.7463

Code size:
506.5 KB (518,656 bytes)

Internet Explorer BHO
Display name:
SQSoft Assistant

CLSID:
{7635D349-624A-4CED-9FEA-94C04A564BF1}

CLSID name:
SQSoft BHO Assistant


Scan SQWebAssist.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.