suptab.dll

SupTab

Giner Tech Inc

The module suptab.dll, “SupTab setup package” by Giner Tech Inc, has been detected as adware by 26 anti-malware scanners. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘IETabPage Class’. This particular feature is designed to hijack the browser in an attempt to prevent other resources from modifying the browser's search and home pages.
Publisher:
Thinknice Co. Limited  (signed by Giner Tech Inc)

Product:
SupTab

Description:
SupTab setup package

Version:
2.8.8.2102

MD5:
e3b8cc7d4aa6112a674ca6bf95446475

SHA-1:
207de16aff61cbb67e4a86c748455845c753dec8

SHA-256:
c31bdfa2cc28cb97a09ebbb7f3f20a2cf7658ebeb57d9b7d97609b7eda98025a

Scanner detections:
26 / 68

Status:
Adware

Analysis date:
12/29/2024 12:08:41 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | PUA.SubTab | 7.1.1
Avira AntiVirus | PUA/Subtab.Gen | 3.6.1.96
avast! | Win32:GenMaliciousA-EHB [PUP] | 2014.9-150514
AVG | Generic | 2016.0.3110
Baidu Antivirus | PUA.Win32.Thinknice | 4.0.3.15514
Bkav FE | W32.HfsAdware | 1.3.0.6379
Clam AntiVirus | Win.Adware.SupTab | 0.98/21511
Dr.Web | Adware.Mutabaha.333 | 9.0.1.0134
ESET NOD32 | Win32/Thinknice.B potentially unwanted (variant) | 9.11612
Fortinet FortiGate | W32/Thinknice.B | 5/14/2015
G Data | Win32.Application.Agent.6SKZ8Q | 15.5.25
herdProtect (fuzzy) |  | 2015.8.11.1
K7 AntiVirus | Adware | 13.203.15877
Kaspersky | not-a-virus:AdWare.Win32.SearchProtect | 14.0.0.2044
Malwarebytes | PUP.Optional.SupTab.A | v2015.05.14.03
McAfee | Artemis!23D91A8FC4DC | 5600.6766
NANO AntiVirus | Riskware.Win32.SubTab.drifmr | 0.30.24.1636
Panda Antivirus | Generic Suspicious | 15.05.14.03
Qihoo 360 Security | HEUR/QVM30.1.Malware.Gen | 1.0.0.1015
Reason Heuristics | PUP.Thinknice.Installer | 15.5.13.23
Sophos | ThinkNice | 4.98
Trend Micro House Call | TROJ_GEN.R08NC0OE415 | 7.2.134
Trend Micro | TROJ_GEN.R08NC0OE415 | 10.465.14
Vba32 AntiVirus | AdWare.SubTab | 3.12.26.4
VIPRE Antivirus | Adware.SearchProtect | 40164
Zillya! Antivirus | Adware.SubTab.Win32.2 | 2.0.0.2174

File size:
525.6 KB (538,208 bytes)

Product version:
2.8.8.2102

Copyright:
Copyright (C) 2013

Original file name:
setup.exe

File type:
Dynamic link library (Win32 DLL)

Language:
English (United Kingdom)

Common path:
C:\Program Files\xtab\suptab.dll

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
4/20/2015 2:43:22 PM

Valid to:
12/2/2015 5:23:38 PM

Subject:
CN=Giner Tech Inc, O=Giner Tech Inc, L=Wilmington, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112186B135D0152CD8EA8D04B67D2A0CCF34

File PE Metadata
Compilation timestamp:
3/31/2015 10:53:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:tENp9SRQuY24lRMPwhkPJnS8werfZQfgVl:SNpLuJ4bASkPlH1Q4Vl

Entry address:
0x26804

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, CC, C7, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 58, 64, 06, 10, E8, AD, 60, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, A8, F5, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 54, 9F, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 

Entropy:
6.0714

Developed / compiled with:
Microsoft Visual C++

Code size:
343.5 KB (351,744 bytes)

Internet Explorer BHO
CLSID:
{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

CLSID name:
IETabPage Class

