Installer_Regwork.exe
Honlyn (Macao Commercial Offshore) Limited
The application Installer_Regwork.exe by Honlyn (Macao Commercial Offshore) Limited has been detected as a potentially unwanted program by 5 anti-malware scanners. This version of the file will bundle the Ask.com Toolbar, a potentially unwanted web browser extension. The file has been seen being downloaded from regwork.s3.amazonaws.com.
File name:
Installer_Regwork.exe
MD5:
c30ab7f0d279a1109f5a9164ebcff6e5
SHA-1:
98ad2e6eecce0cdd18696ad08765fd64149f057e
SHA-256:
ce764cf40f88f6892ceba2f16cad8426eb5e7acd2db5d93973195565f2192296
Scanner detections:
5 / 68
Status:
Potentially unwanted
Analysis date:
12/28/2024 5:34:18 AM UTC (today)
Scan engine
Detection
Engine version
Comodo Security
ApplicUnwnt
17500
Dr.Web
Adware.Downware.1417
9.0.1.0329
ESET NOD32
Win32/Bundled.Toolbar.Ask (variant)
7.9190
Malwarebytes
PUP.Optional.Spigot.A
v2013.11.25.04
Reason Heuristics
PUP.Optional.HonlynMacaoCommercialOffshoreLimited.R
14.6.12.9
File size:
2.4 MB (2,563,032 bytes)
File type:
Executable application (Win32 EXE)
Common path:
C:\users\{user}\downloads\installer_regwork.exe
Valid from:
8/21/2012 8:00:00 PM
Valid to:
8/21/2015 7:59:59 PM
Subject:
CN=Honlyn (Macao Commercial Offshore) Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Honlyn (Macao Commercial Offshore) Limited, L=Macau, S=Macau, C=MO
Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Serial number:
1A2B9E67ACE7E5B318FED4F1ACAE76BB
Compilation timestamp:
12/5/2009 5:50:41 PM
Code size:
22.5 KB (23,040 bytes)
The file Installer_Regwork.exe has been seen being distributed by the following URL.