RegUnlocker.exe


The executable RegUnlocker.exe has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dl-web.dropbox.com and multiple other hosts.
Publisher:
Hardrive

Product:
RegUnlocker

Version:
1.09.0040

MD5:
6d59069e3d9db3160c2340a84dc0d827

SHA-1:
804182dcdcfb3888354a0944eb25c7382fb66e26

SHA-256:
ed0981a8074a314c8ab77517e116b5808994f14dc4f4344ec456d5ccfced3793

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
1/13/2025 6:02:27 PM UTC

Scan engine       Detection               Engine version
Bkav FE           W32.Clodbcc.Trojan      1.3.0.4959
K7 AntiVirus      Trojan                  13.181.12872
Malwarebytes      Malware.Packer.Gen      v2014.09.14.04
NANO AntiVirus    Virus.Win32.Gen.ccmw    0.28.2.61148
VIPRE Antivirus   Trojan.Win32.Generic    31726

File size:
89 KB (91,136 bytes)

Product version:
1.09.0040

Original file name:
RegUnlocker.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
4/19/2008 7:51:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:hcJ1Rq0W4/g4waAGFKuJHBQUwSnouy8tfn6YFKZyob2e2dn/54yo2:K1cf4/g4wuFKCHRwKouttvmKn

Entry address:
0x42000

Entry point:
9C, 60, E8, 02, 00, 00, 00, 33, C0, 8B, C4, 83, C0, 04, 93, 8B, E3, 8B, 5B, FC, 81, EB, 07, 20, 40, 00, 87, DD, 83, BD, 3D, 29, 40, 00, 01, 0F, 84, 33, 04, 00, 00, 80, BD, 52, 2F, 40, 00, 00, 74, 37, 8D, 85, FB, 2C, 40, 00, 50, FF, 95, D7, 2C, 40, 00, 8D, 8D, 51, 2E, 40, 00, 50, 51, 50, FF, 95, C7, 2C, 40, 00, 89, 85, 61, 2E, 40, 00, 58, 8D, 8D, 0F, 2E, 40, 00, 51, 50, FF, 95, C7, 2C, 40, 00, 89, 85, BB, 2C, 40, 00, 8D, BD, E5, 31, 40, 00, 33, C0, 8A, 85, 37, 29, 40, 00, 3C, 05, 74, 72, 3C, 03, 0F, 84, 9C...
 

Packer / compiler:
PEBundle v3.10

Code size:
44 KB (45,056 bytes)

The file RegUnlocker.exe has been seen being distributed by the following 2 URLs.
