suptab.dll

SupTab

Liyan Liu

The module suptab.dll, “SupTab setup package” by Liyan Liu has been detected as adware by 22 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘IETabPage Class’. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Thinknice Co. Limited  (signed by Liyan Liu)

Product:
SupTab

Description:
SupTab setup package

Version:
2.8.8.448

MD5:
00788cf2be045f426d23b48a007d62d8

SHA-1:
43b2963293ce3865c32132a4802b92531c16d256

SHA-256:
d48c96266ce1372d3ee9d0822611e05fedb78d88a39f2f576efdfe51c28f54dc

Scanner detections:
22 / 68

Status:
Adware

Analysis date:
12/25/2024 1:11:29 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.OFO
837

Agnitum Outpost
Trojan.Click
7.1.1

AhnLab V3 Security
Adware/Win32.Agent
2014.10.21

Avira AntiVirus
ADWARE/Adware.Gen
7.11.180.32

Baidu Antivirus
Adware.Win32.ELEX
4.0.3.141021

Bitdefender
Adware.Agent.OFO
1.0.20.1470

Clam AntiVirus
Win.Adware.Agent-7965
0.98/21411

Dr.Web
Trojan.Click3.8536
9.0.1.05190

Emsisoft Anti-Malware
Adware.Agent.OFO
14.10.21

ESET NOD32
Win32/Thinknice.B potentially unwanted application
7.0.302.0

F-Secure
Adware.Agent.OFO
11.2014-21-10_3

G Data
Adware.Agent.OFO
14.10.24

K7 AntiVirus
Unwanted-Program
13.184.13741

Malwarebytes
PUP.Optional.SupTab.A
v2014.10.21.03

MicroWorld eScan
Adware.Agent.OFO
15.0.0.882

NANO AntiVirus
Trojan.Win32.Click3.ddmrti
0.28.2.62841

nProtect
Adware.Agent.OFO
14.10.19.01

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.BHO.LiyanLiu.G
14.10.21.1

Vba32 AntiVirus
AdWare.Agent
3.12.26.3

VIPRE Antivirus
Threat.4788726
33706

Zillya! Antivirus
Adware.Agent.Win32.9903
2.0.0.1960

File size:
502 KB (514,016 bytes)

Product version:
2.8.8.448

Copyright:
Copyright (C) 2013

Original file name:
setup.exe

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\suptab\suptab.dll

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
7/22/2014 8:00:00 AM

Valid to:
7/27/2015 8:00:00 PM

Subject:
CN=Liyan Liu, O=Liyan Liu, L=Wenzhou, S=Zhejiang, C=CN

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02CA146AED05062A5F6C4AC5628BBC00

File PE Metadata
Compilation timestamp:
7/28/2014 6:16:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:YBlPU/7JDnHzYm71xOp82oNCH1AeOa1Tk1zVSoOgrOKJ+f:GVUhn6oEVdnuxEgrOq+f

Entry address:
0x228D4

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C5, C6, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, C0, 16, 06, 10, E8, CD, 5E, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 80, A5, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 7C, 5A, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.0717

Developed / compiled with:
Microsoft Visual C++

Code size:
325.5 KB (333,312 bytes)

Internet Explorer BHO
CLSID:
{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

CLSID name:
IETabPage Class


The file suptab.dll has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.
80% remove it
 
Powered by Should I Remove It?

Remove suptab.dll - Powered by Reason Core Security