home

HANcommunication

Publisher Information

HANcommunication is a software publisher located in seoul, Guro-Gu in Korea*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
5/12/2013 9:00:00 AM

Valid to:
6/12/2015 8:59:59 AM

Subject:
CN=HANcommunication, O=HANcommunication, L=seoul, S=Guro-gu, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3962def517f7534c2829a48f9a9454d4

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.HANcommunication.K, PUP.Installer.HANcommunication.L, PUP.BHO.HANcommunication.K, PUP.HANcommunication.I, PUP.HANcommunication.H, PUP.Hue Communication.HANcommunication (M), PUP.Hue Communication.HANcommunication.Installer (M), PUP.Hue Communication.HANcommu (M), PUP.Hue Communication.HANcommu.Installer (M), PUP.Hue Communication (M)
100.00%

Trend Micro House Call
TROJ_GEN.F47V0407, TROJ_GEN.F47V0515, TROJ_GEN.F47V0520, TROJ_GEN.F47V0331, TROJ_GEN.F47V1022, TROJ_GEN.F47V0913, TROJ_GEN.F47V1002
14.29%

ESET NOD32
Win32/AdWare.Kraddare.JP (variant), Win32/TrojanDownloader.Delf.ALM (variant), Win32/AdWare.Kraddare.KD (variant), Win32/Adware.Kraddare.DN (variant)
10.20%

MicroWorld eScan
Trojan.GenericKD.1681832, Gen:Variant.Graftor.139707, Trojan.GenericKD.1699046, Application.Generic.574202, Gen:Trojan.Heur.LP.rO9baqrjN7gO
10.20%

McAfee
Artemis!319CB2E13DB2, Artemis!F3D2A70782FF, Artemis!0D84DC645322, Artemis!44C35CA8BFC5, Artemis!DFEC931F107A
10.20%

Bitdefender
Trojan.GenericKD.1681832, Gen:Variant.Graftor.139707, Trojan.GenericKD.1699046, Application.Generic.574202, Gen:Trojan.Heur.LP.rO9baqrjN7gO
10.20%

Lavasoft Ad-Aware
Trojan.GenericKD.1681832, Gen:Variant.Graftor.139707, Trojan.GenericKD.1699046, Application.Generic.574202, Gen:Trojan.Heur.LP.rO9baqrjN7gO
10.20%

Comodo Security
ApplicUnwnt, UnclassifiedMalware
10.20%

F-Secure
Trojan.GenericKD.1681832, Gen:Variant.Graftor.139707, Trojan.GenericKD.1699046, Application.Generic.574202, Gen:Trojan.Heur.LP.rO9baqrjN7gO
10.20%

G Data
Trojan.GenericKD.1681832, Gen:Variant.Graftor.139707, Trojan.GenericKD.1699046, Application.Generic.574202, Gen:Trojan.Heur.LP.rO9baqrjN7gO
10.20%

1 / 68      (Adware)
gcodecsetup.exe  (53f3cef6bcec3d2538f2028366e55077)

1 / 68      (Adware)
gcodecsetup.exe  (312c11c1d5ce9fc5f6d4195758758988)

1 / 68      (Adware)
gcodecsetup.exe  (8878969026ecba479de410475c445138)

1 / 68      (Adware)
gcodecsetup.exe  (ff7d79dabe083ba242f3f4439ed0bd75)

1 / 68      (Adware)
gcodecsetup.exe  (5bf6885b6ecfcc7e8eaaadad8315a9de)

1 / 68      (Adware)
gcodecopen.exe  (0f3707f2d179f28db0b9f486bcd10e73)

1 / 68      (Adware)
gcodecsetup.exe  (5f27ff0355f508253eb6b4d8f6cb31c9)

1 / 68      (Adware)
gcodecsl.dll (by HnaCommunication)  (e741e91652e054528fbcb0e18fe6aa1b)

1 / 68      (Adware)
gcodecsetup.exe  (dd3c98d0673013897bcd0f2b6a4b814a)

1 / 68      (Adware)
gcodecsetup.exe  (c5b40a4036a32acde751656a4577b775)

1 / 68      (Adware)
gcodecsetup.exe  (d6095906b6e5c49098cdd725cfd4d2de)

1 / 68      (Adware)
gcodecsetup.exe  (5bafebe7d4f2f3d8444ab77998f92f14)

1 / 68      (Adware)
gcodecsetup.exe  (7064c7f4b5a1ab9bc44af60390bce235)

1 / 68      (Adware)
gcodecsetup.exe  (b18a01ff9407bccb0f5ff2f40c10a687)

1 / 68      (Adware)
gcodecsetup.exe  (0762bd90542352b7cd9d32516b621948)

1 / 68      (Adware)
gcodecsetup.exe  (ef6e658210b75f7c7b496f6c2ebfc3be)

1 / 68      (Adware)
gcodecsetup.exe  (2fda74e6ff5f2c6e3bbddb8189ba60d0)

1 / 68      (Adware)
gcodecsetup.exe  (eda2646cb92280c1536d2f4da01d754f)

1 / 68      (Adware)
gcodecsetup.exe  (af616d2a96844269f4f5bf9732a1c6ed)

1 / 68      (Adware)
gcodecsl.dll (by HnaCommunication)  (74a987fc2a4d4177a0fd85155a42b937)

1 / 68      (Adware)
gcodecsetup.exe  (ee886ce59010fa382c02e6a41f2aacdf)

1 / 68      (Adware)
gcodecsetup.exe  (484d5b2c2ed702ad93fa64c3cc0f6c5d)

1 / 68      (Adware)
gcodecopen.exe  (a52b3b0ce0847f0ce5a1a02d886c4e73)

1 / 68      (Adware)
gcodecsetup.exe.part0  (2d380e46da14c859cc671aff71f0e5a9)

1 / 68      (Adware)
Gcodecopen.exe (by HanCommuniCation)  (9ee0d7114cccc4e3c92c5c3e6cdf3bf9)

1 / 68      (Adware)
GCodecup.exe (by HanCommuniCation)  (b8e03a9ab370989991f930c96697e809)

1 / 68      (Adware)
gcodecband.dll  (536ef1b7c105dcb4764e08d11e055ef5)

1 / 68      (Adware)
gcodecsl.dll (by HnaCommunication)  (d4af4d3b9c2e496c9e9557a5058bf47f)

1 / 68      (Adware)
gco9fad.tmp  (42399965b3c47ea2c862bcea8db1ee59)

1 / 68      (Adware)
gcodecsetup.exe  (8f762fc9796a97a08df2e82e43e732b7)

 
Latest 30 of 49 files

The following certificate is also signed by HANcommunication.

4DE37E21660280BEB7915BC467A96193  (May 18, 2012 to May 19, 2013)

* Note, the details and description above are based on the code signing digital signature issued to HANcommunication by Thawte, Inc. on May 12, 2013 with the serial number '3962def517f7534c2829a48f9a9454d4'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.