suptab.dll

SupTab

Zhang Ling

The module suptab.dll, “SupTab setup package” by Zhang Ling has been detected as adware by 24 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘IETabPage Class’. This file is typically installed with the program SupTab by Thinknice Co. Limited which is a potentially unwanted software program.
Publisher:
Thinknice Co. Limited  (signed by Zhang Ling)

Product:
SupTab

Description:
SupTab setup package

Version:
2.8.8.448

MD5:
3a012718ba5315abd1b7a371d1b53b70

SHA-1:
ffe8f39a33b1531fe5382a8bb0c86ca4d73aa2b9

SHA-256:
5647e72a121807043e6d974a8f525cf9eacbc4ee53d9b9e7d9927b17b7cd27b0

Scanner detections:
24 / 68

Status:
Adware

Analysis date:
12/25/2024 1:12:50 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.OFO
864

Agnitum Outpost
Trojan.Click
7.1.1

AhnLab V3 Security
Adware/Win32.Agent
2014.09.24

Avira AntiVirus
APPL/SubTab.spe
7.11.174.42

Baidu Antivirus
Adware.Win32.Thinknice
4.0.3.14924

Bitdefender
Adware.Agent.OFO
1.0.20.1335

Clam AntiVirus
Win.Adware.Agent-7965
0.98/19422

Dr.Web
Trojan.Click3.8536
9.0.1.0267

Emsisoft Anti-Malware
Adware.Agent.OFO
8.14.09.24.07

ESET NOD32
Win32/Thinknice
8.10299

F-Secure
Adware.Agent.OFO
11.2014-24-09_4

G Data
Adware.Agent.OFO
14.9.24

IKARUS anti.virus
PUA.SubTab
t3scan.1.7.5.0

K7 AntiVirus
Unwanted-Program
13.183.13463

Malwarebytes
PUP.Optional.SupTab.A
v2014.09.24.07

McAfee
Artemis!6B1BEBDDF149
5600.6925

MicroWorld eScan
Adware.Agent.OFO
15.0.0.801

NANO AntiVirus
Trojan.Win32.Click3.ddmrti
0.28.2.61721

nProtect
Adware.Agent.OFO
14.08.22.01

Reason Heuristics
PUP.BHO.ZhangLing.G
14.9.24.7

Sophos
Generic PUA NA
4.98

Vba32 AntiVirus
AdWare.Agent
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
32452

Zillya! Antivirus
Adware.Agent.Win32.9903
2.0.0.1899

File size:
503.4 KB (515,464 bytes)

Product version:
2.8.8.448

Copyright:
Copyright (C) 2013

Original file name:
setup.exe

File type:
Dynamic link library (Win32 DLL)

Language:
English (United Kingdom)

Common path:
C:\Program Files\suptab\suptab.dll

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
9/23/2014 8:39:35 PM

Valid to:
6/23/2015 8:39:35 PM

Subject:
CN=Zhang Ling, E=chloezhangling@gmail.com, L=北京市, S=北京市, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
4BD6CD01962107D32D308240DA61E020

File PE Metadata
Compilation timestamp:
7/28/2014 3:16:02 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:WBlPU/7JDnHzYm71xOp82oNCH1AeOa1Tk1zVSoOgrOKJO:EVUhn6oEVdnuxEgrOqO

Entry address:
0x228D4

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, C5, C6, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, C0, 16, 06, 10, E8, CD, 5E, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 80, A5, 06, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 7C, 5A, 05, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.0795

Developed / compiled with:
Microsoft Visual C++

Code size:
325.5 KB (333,312 bytes)

Internet Explorer BHO
CLSID:
{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

CLSID name:
IETabPage Class


The file suptab.dll has been discovered within the following program.

SupTab  by Thinknice Co. Limited
SupTab is an web browser advertisement injection extension that is designed with the core purpose of delivering ads to the user's web browser. Ads are in the form of banners (both static and videos) as well as context-hyper links.
80% remove it
 
Powered by Should I Remove It?

Remove suptab.dll - Powered by Reason Core Security