How to remove 00000051
00000051
The module 00000051 has been detected as Hack.KMS
File Details
MD5: | b85f4ce841f3ae1ebdf76835d2eadbef |
Size: | 13 KB |
First Published: | 2017-05-24 20:03:02 (6 years ago) |
Latest Published: | 2024-05-04 23:02:11 (a week ago) |
Status: | Hack.KMS (on last analysis) | |
Analysis Date: | 2024-05-04 23:02:11 (a week ago) |
Overview
Signed By: | WZT |
Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
%commonappdata%\kmsautos\bin\driver\x64wdv |
%commonappdata%\kmsauto\bin\driver\x64wdv |
%sysdrive%\windows.old\programdata\kmsautos\bin\driver\x64wdv |
%appdata%\zhp\quarantine\kmsautos\bin\driver\x64wdv |
%sysdrive%\$recycle.bin\s-1-5-21-2275429643-1357250638-3055656149-1001\$rjaj0uu\bin\driver\x64wdv |
%commonappdata%\kmsautos\bin\driver |
%commonappdata%\kmsauto\bin\driver |
%appdata%\zhp\quarantine\kmsauto\bin\driver |
%sysdrive%\$recycle.bin |
%appdata%\zhp\quarantine\kmsautos\bin\driver |
File Names:
FakeClient.exe |
fakeclient.exe |
$R5EXLYY.exe |
$RB3CBLV.exe |
FakeClient(152).exe |
00000051 |
Geography:
24.5% | ||
12.0% | ||
11.0% | ||
3.8% | ||
2.6% | ||
2.6% | ||
2.2% | ||
2.0% | ||
2.0% | ||
1.9% | ||
1.9% | ||
1.7% | ||
1.6% | ||
1.5% | ||
1.4% | ||
1.3% | ||
1.3% | ||
1.2% | ||
1.2% | ||
1.1% | ||
1.0% | ||
0.9% | ||
0.9% | ||
0.8% | ||
0.7% | ||
0.6% | ||
0.6% | ||
0.6% | ||
0.5% | ||
0.5% | ||
0.5% | ||
0.5% | ||
0.5% | ||
0.5% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% |
OS Version:
Windows 10 | 82.6% | |
Windows 7 | 10.1% | |
Windows 8.1 | 6.1% | |
Windows 8 | 0.5% | |
Windows Server 2012 R2 | 0.3% | |
Windows Server 2008 R2 | 0.2% | |
Windows Embedded 8.1 | 0.1% | |
Windows Server 2016 | 0.1% |
Analysis
Subsystem: | Windows CUI |
PE Type: | pe |
OS Bitness: | 64 |
Image Base: | 0x0000000140000000 |
Entry Address: | 0x000012fc |
PE Sections:
Name | Size of data | MD5 |
.text | 3584 | f8517e2e06a0264d414dac4fcb846c29 |
.rdata | 3072 | adb76d07d82659b2e10b2b3acc3db7b7 |
.data | 512 | 04d489f71119c8a139d74098d1680891 |
.pdata | 512 | 516aab97049c71124ac40d5b54cdc95c |
.rsrc | 512 | df9214180541147e51ae67c9a5ca59ac |
.reloc | 512 | aec081bf54f5bd13a0a802758e7496ea |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 00000051