How to remove $RCSZC72.exe
- File Details
- Overview
- Analysis
$RCSZC72.exe
The module $RCSZC72.exe has been detected as Hack.KMS
File Details
| MD5: |
c8e1146417b2125f9ff29f655d52fce9 |
| Size: |
6 MB |
| First Published: |
2017-05-26 15:05:27 (7 years ago) |
| Latest Published: |
2022-06-04 23:30:31 (2 years ago) |
| Status: |
Hack.KMS (on last analysis) |
|
| Analysis Date: |
2022-06-04 23:30:31 (2 years ago) |
Overview
| Signed By: |
WZT |
| Status: |
Valid |
| %windir%\setup\scripts\activator\kmsauto |
| %sysdrive%\windows |
| %sysdrive%\totalcmd\!!!kmsauto_lite_portable_v1.2.4 |
| %profile%\7\kms_vl_efi\kmsauto lite portable v1.2.4 |
| %profile%\81\kms\kmsauto lite portable v1.2.4 |
| %profile%\10\kms\kmsauto lite portable v1.2.4 |
| %desktop%\bonus\7\kms_vl_efi\kmsauto lite portable v1.2.4 |
| %desktop%\bonus\10\kms\kmsauto lite portable v1.2.4 |
| %desktop%\bonus\81\kms\kmsauto lite portable v1.2.4 |
| %desktop%\bonus\81\kms |
|
57.7% |
|
|
21.7% |
|
|
5.3% |
|
|
2.9% |
|
|
1.4% |
|
|
1.2% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
| Windows 10 |
46.6% |
|
| Windows 7 |
44.0% |
|
| Windows 8.1 |
7.5% |
|
| Windows Embedded 8.1 |
1.0% |
|
| Windows XP |
0.5% |
|
| Windows Server 2012 R2 |
0.2% |
|
| Windows Server 2008 R2 |
0.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00001000 |
| Name |
Size of data |
MD5 |
| .code |
107520 |
344d69021f7c8de398219d84d8b42918 |
| .text |
307200 |
f1d1dcb82445e9ab9b4b2f73af338172 |
| .rdata |
35840 |
845b07f0ebd235da7031a74ca0534020 |
| .data |
6125056 |
96d46480ffd461719107f0fedc5fa86b |
| .rsrc |
45568 |
c95652abfb70d895e9f5bc363ceb3198 |
