home

tpsc.dll

SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD

The library tpsc.dll has been detected as malware by 1 anti-virus scanner.
Publisher:
SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD  (signed and verified)

MD5:
682e6361651fe16d1b2a56ccf2e2e3b3

SHA-1:
33df5df21e8dec1a56f6775cb27a0e9743f246c9

SHA-256:
a7061ede072fe14b181680921301099d4dcbbd76003dfb05ba2aa29302e6e4be

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/18/2024 9:19:44 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.12.19

File size:
169 KB (173,008 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\picview_201509142321\201509142321\tpsc.dll

Digital Signature
Signed by:
SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD

Authority:
WoSign CA Limited

Valid from:
5/5/2015 4:47:23 PM

Valid to:
6/5/2016 5:47:23 PM

Subject:
CN="SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD", O="SHENGJUGUANG ONLINE INFORMATION TECHNOLOGY CO., LTD", L=Nanning, S=Guangxi Zhuangzu Zizhiqu, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
153E5FD641E989DBE701EE17BA3579EE

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:8oOQaXgqyQb/62Zn0OjcfyBTO3j9ghCUIoDFQhHqfHFVDxTp8Q5TMPEjlCdHpBkD:lOQUgb2h0OjkQS3j0CxMvFVX8MTzjlCL

Entry address:
0x3D1D9

Entry point:
68, EA, FC, F4, 46, E8, DF, 5C, 02, 00, 00, 00, 53, 61, 66, 65, 41, 72, 72, 61, 79, 47, 65, 74, 55, 42, 6F, 75, 6E, 64, 00, 3C, 09, 60, E8, D6, DE, 01, 00, 89, 44, 24, 0C, C6, 44, 24, 04, 00, FF, 74, 24, 0C, C2, 10, 00, C7, 44, 24, 0C, F5, 04, 46, 00, 60, 9C, 89, 44, 24, 2C, 9C, 68, 54, 33, 88, C2, 66, C7, 04, 24, 3B, 37, FF, 74, 24, 34, C2, 38, 00, 00, C0, 43, 00, 14, C0, 43, 00, 18, C0, 43, 00, 49, D2, 43, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, B3, 1D, F6, D3, 0F, 9F, C3, 41...
 
[+]

Entropy:
7.8606  (probably packed)

Code size:
400.5 KB (410,112 bytes)

Remove tpsc.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.