home

SUNWORK MEDIA

Publisher Information

SUNWORK MEDIA is a software developer located in NICE, Paca in France*.
Authority:
Thawte, Inc.

Valid from:
4/6/2012 2:00:00 AM

Valid to:
4/7/2014 1:59:59 AM

Subject:
CN=SUNWORK MEDIA, OU=ALPES MARITIME, O=SUNWORK MEDIA, L=NICE, S=PACA, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
42b235ae116d147d4122347e0124620e

Scanner detections:
Malware distribution  (57% detected)

Scan engine
Details
Detections

Kaspersky
HEUR:Trojan.Win32.StartPage, Trojan.Win32.Pasta
80.00%

Emsisoft Anti-Malware
Gen:Trojan.StartPage.kuW@a8SP8gei, Gen:Trojan.Heur.PT.kuW@bKUyLCei, Trojan.Generic.8810370, Gen:Trojan.StartPage.kuW@ayz1uDbi
70.00%

Bitdefender
Gen:Trojan.StartPage.kuW@a8SP8gei, Gen:Trojan.Heur.PT.kuW@bKUyLCei, Trojan.Generic.8810370, Gen:Trojan.StartPage.kuW@aSH4Vudi
70.00%

F-Secure
Gen:Trojan.StartPage.kuW@a8SP8gei, Gen:Trojan.Heur.PT.kuW@bKUyLCei, Trojan.Generic.8810370, Gen:Trojan.StartPage.kuW@aSH4Vudi
70.00%

G Data
Gen:Trojan.StartPage.kuW@a8SP8gei, Gen:Trojan.Heur.PT.kuW@bKUyLCei, Trojan.Generic.8810370, Gen:Trojan.StartPage.kuW@aSH4Vudi
70.00%

Norman
Gen:Trojan.StartPage.kuW@a8SP8gei, Malware, Trojan.Generic.8810370, Gen:Trojan.StartPage.kuW@ayz1uDbi
60.00%

MicroWorld eScan
Gen:Trojan.StartPage.kuW@a8SP8gei, Gen:Trojan.Heur.PT.kuW@bKUyLCei, Trojan.Generic.8810370, Gen:Trojan.Heur.PT.kuW@buVGUGki, Gen:Trojan.StartPage.kuW@aCY3IFii, Trojan.Generic.10365450
60.00%

Qihoo 360 Security
Win32/Trojan.83b, Win32/Trojan.a40, Win32/Trojan.92c, Win32/Trojan.ce2
40.00%

Dr.Web
Trojan.StartPage.51018, infected with Trojan.StartPage.51260, infected with Trojan.StartPage.50821, Trojan.StartPage.51693
40.00%

AVG
Generic31, Generic35, Generic32, Win32/DH{Uj0?}
40.00%

3 / 68      (inconclusive)
formalitefacileie.exe (FormaliteFacile by SunWork Media)  (7b71d6b9b6ab01fe53cf956ea910ea52)

0 / 68
formalitefacileie.exe (Formalité Facile by SunWork Media)  (40d385ff2554f4122612b9e0eccfdc82)

23 / 68    (Malware)
formalitefacileie.exe (FormaliteFacile by SunWork Media)  (73e628a1000fe94da36249985de7d2ac)

7 / 68      (Malware)
formalitefacileie.exe (FormaliteFacile by SunWork Media)  (53121137cbbc2d9cabad54338bd784c2)

14 / 68    (Malware)
formalitefacileff.exe (FormaliteFacile by SunWork Media)  (22721ccb0a51fb18a32e37c15c11dfcb)

0 / 68
formalitefacilegc.exe (Formalité Facile by SunWork Media)  (88a1a06f1dda476f135f020339d62e77)

2 / 68      (inconclusive)
formalitefacilegc.exe (FormaliteFacile by SunWork Media)  (2d4117096e33f9a811b434c9de3cfc42)

4 / 68      (Malware)
formalitefacileie.exe (FormaliteFacile by SunWork Media)  (df2bb16507c0b0c0b2cebcba5cdd2862)

0 / 68
formalitefacileff.exe (Formalité Facile by SunWork Media)  (bbd8d715faf6ecd5ecb719ea01057d62)

0 / 68
uninstallaccent.exe  (0e93d42bc39e57b2aa9166f003297d2a)

6 / 68      (Malware)
formalitefacilegc - copie.exe (FormaliteFacile by SunWork Media)  (56e992f6565e1e4fa2659a5afdb49784)

13 / 68    (Malware)
devis climent haut-002.exe (FormaliteFacile by SunWork Media)  (c9b63d28dd46f7825ad93fb80b631cd4)

8 / 68      (Malware)
formalitefacileff.exe (FormaliteFacile by SunWork Media)  (daf065f9bf016cb89a84820d6503f664)

9 / 68      (Malware)
formalitefacilegc.exe (FormaliteFacile by SunWork Media)  (10ef9f9273e754347f9a76390f63815a)

Downloads URLs for files signed by SUNWORK MEDIA.

9 / 68      (Malware)
https://www.formalite-facile.com/.../FormaliteFacileGC.exe  (10ef9f9273e754347f9a76390f63815a)

6 / 68      (Malware)
https://www.formalite-facile.com/.../FormaliteFacileGC.exe  (56e992f6565e1e4fa2659a5afdb49784)

13 / 68    (Malware)
https://www.formalite-facile.com/.../FormaliteFacileGC.exe  (c9b63d28dd46f7825ad93fb80b631cd4)

The following websites host and distribute files published by SUNWORK MEDIA.

www.formalite-facile.com

* Note, the details and description above are based on the code signing digital signature issued to SUNWORK MEDIA by Thawte, Inc. on April 06, 2012 with the serial number '42b235ae116d147d4122347e0124620e'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.