superapps.dll

NaSvc Module

联软神州(北京)科技有限公司

The library superapps.dll has been detected as malware by 8 anti-virus scanners.
Publisher:
Legendsoft China (Beijing) Technology Limited (signed by 联软神州(北京)科技有限公司)

Product:
NaSvc Module

Version:
0, 0, 0, 16

MD5:
d66241a9830335881b9ac405e0b66ee4

SHA-1:
76d86efd8b2edbf14f89d42c2092a4222187fdea

SHA-256:
8520fcb365f21f5d2d13ec699ae3489a0603c9290a25ee69741cb5d0ecf9d92c

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
11/26/2024 10:39:54 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Symmi.42512 | 945 |
| Bitdefender | Gen:Variant.Symmi.42512 | 1.0.20.925 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.42512 | 8.14.07.04.11 |
| F-Secure | Gen:Variant.Symmi.42512 | 11.2014-04-07_6 |
| G Data | Gen:Variant.Symmi.42512 | 14.7.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.6.1.0 |
| MicroWorld eScan | Gen:Variant.Symmi.42512 | 15.0.0.555 |
| Trend Micro House Call | Suspicious_GEN.F47V0616 | 7.2.185 |

File size:
123.4 KB (126,408 bytes)

Product version:
0, 0, 0, 1

Copyright:
Copyright (C) 2013 Legendsoft China (Beijing) Technology Limited

Original file name:
nasvc.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\superapps\superapps.dll

Digital Signature
Authority:
WoSign CA Limited

Valid from:
4/8/2014 2:02:42 PM

Valid to:
4/9/2015 2:02:42 PM

Subject:
CN=联软神州(北京)科技有限公司, E=13501296038@139.com, O=联软神州(北京)科技有限公司, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
53F2CA73E6F6B01A69A25848A1B39CA2

File PE Metadata
Compilation timestamp:
6/12/2014 2:41:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:VHs9fimPCUOVRoC3jIvYE04wzzWYY1IHNT4VIpNCz50cD0xh3a0rwlhnFzGbG0:VH86m+VRHkAEMR4mkY3a0rwlhFz30

Entry address:
0xD1CA

Entry point:
6A, 0C, 68, 10, 61, 01, 10, E8, BA, 02, 00, 00, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, CC, A1, 01, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, 9C, BA, 01, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, 85, 73, FF, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
Entropy:
6.2783

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
80 KB (81,920 bytes)
