home

dreamhands

Publisher Information

dreamhands is a software publisher located in Haewoondae-gu, Busan in Korea*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
1/19/2013 9:00:00 AM

Valid to:
2/19/2014 8:59:59 AM

Subject:
CN=dreamhands, OU=Dev. Team, O=dreamhands, L=Haewoondae-gu, S=Busan, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0b697326e41b037e18a3a60272dce067

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.dreamhands, PUP.Installer.dreamhands, PUP.dreamhands (M), PUP.dreamhands.Installer (M), PUP.dreamhan (M), PUP.dreamhan.Installer (M), PUP (M)
100.00%

NANO AntiVirus
Riskware.Win32.Agent.dagpce
2.00%

Dr.Web
BackDoor.Infector.133
2.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
2.00%

1 / 68      (Adware)
maxdisk.exe  (0652356cca2659a311089d3b40aed48b)

1 / 68      (Adware)
maxdiskdown.exe (MaxDisk Down by NeoSpace)  (2dad0862b73610623e843cb6dadff4eb)

1 / 68      (Adware)
maxdiskup.exe (MaxDisk UP by NeoSpace)  (4114335535d541345e3300876955a632)

1 / 68      (Adware)
filelot.exe  (7cb7294465e6e663f68c991105545b32)

1 / 68      (Adware)
nedisk_setup.exe  (2c3295aa437c28ff02d7efb50d3531ac)

1 / 68      (Adware)
filelot.exe  (1bfaf394baeb52492bcb261844ff4cd5)

1 / 68      (Adware)
nedisk_setup.exe  (75a96ea0483047c688dca92f9aef2e98)

1 / 68      (Adware)
FilelotAx.ocx (by dreamhands)  (b738688bdf0bc6db519fbf528f6cf77b)

1 / 68      (Adware)
setup.exe  (90c1b44af9992af34a79a6e8dcb9749e)

1 / 68      (Adware)
maxdisk.exe  (6a5aba9d5ed50be43e30dca66cd21448)

1 / 68      (Adware)
mfilepassive.exe  (f649ab0fbfb18a1c1ad140045d6d93b0)

1 / 68      (Adware)
filelot.exe  (b40db9dd8ba7452fe79e4d48c15d0cc4)

1 / 68      (Adware)
maxdiskdown.exe (MaxDisk Down by NeoSpace)  (2130d748dda1c064526b1ec40136af92)

1 / 68      (Adware)
maxdiskup.exe (MaxDisk UP by NeoSpace)  (b681042c979054332f73a05d9847554f)

1 / 68      (Adware)
maxdisk_setup.exe  (5ff091cd0e54e2e75248a926bf594d7d)

1 / 68      (Adware)
maxdisk.exe  (90c8d07a4d15a7431cbc90b4a79f3da4)

1 / 68      (Adware)
setup.exe  (1702b4ac0392f30b2116641a9673b11f)

1 / 68      (Adware)
setup.exe  (e10e6cee5cc8451f8df767e3aa372dcc)

1 / 68      (Adware)
NediskDown.exe (by dreamhands)  (bdac76096a99d5ea603b5ee3c403da94)

1 / 68      (Adware)
NediskUp.exe (by dreamhands)  (f346770cacf11e986f0b345555f706d5)

1 / 68      (Adware)
미확인 200658.crdownload  (786898b4842f939d5a1ecfe29f7e0f92)

1 / 68      (Adware)
setup.exe  (f53fb0b95ff4e830f04a1c561d071bc5)

1 / 68      (Adware)
mfilepassive.exe  (9138df41b6bac07d76d7734d621f9d1d)

1 / 68      (Adware)
setup.exe  (c75e2ec9f300249f5ae8c3b926cdc376)

1 / 68      (Adware)
maxdisk.exe  (d5d7becc415e3967e90d3a58eda55071)

1 / 68      (Adware)
mfiledown.exe  (e664a8b53c20df1e11b485938267192f)

1 / 68      (Adware)
setup.exe  (0d8f2c216decafa8739bf976722cbc38)

1 / 68      (Adware)
mfiledown.exe  (7ae19e65fb43b080dbf4bd27f2d23f41)

1 / 68      (Adware)
mfileup.exe  (30ab66568d641b4cc19341d84800b420)

1 / 68      (Adware)
setup.exe  (389aec55276d91094c5c436e7d78eede)

 
Latest 30 of 52 files

Downloads URLs for files signed by dreamhands.

1 / 68      (Adware)
http://www.mfile.co.kr/scripts/mfile/.../setup.exe  (e10e6cee5cc8451f8df767e3aa372dcc)

1 / 68      (Adware)
http://mfile.co.kr/scripts/mfile/.../MFilepassive.exe  (9138df41b6bac07d76d7734d621f9d1d)

The following websites host and distribute files published by dreamhands.

www.mfile.co.kr

mfile.co.kr

The following certificate is also signed by dreamhands.

3DAC2BFA171181BF28AC28630D02C5F0  (Jan 17, 2012 to Jan 17, 2013)

* Note, the details and description above are based on the code signing digital signature issued to dreamhands by Thawte, Inc. on January 19, 2013 with the serial number '0b697326e41b037e18a3a60272dce067'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.