How to remove A0001468.exe

A0001468.exe

The module A0001468.exe has been detected as Trojan.Agent

A0001468.exe
Remove A0001468.exe

File Details

MD5: bca43e19e7013331d99ff788ea6b42a0
Size: 148 KB
First Published: 2017-05-21 05:04:14 (7 years ago)
Latest Published: 2020-12-12 04:16:33 (4 years ago)
Status: Trojan.Agent (on last analysis)
Analysis Date: 2020-12-12 04:16:33 (4 years ago)

Common Places:

%sysdrive%\windows
%programfiles%\msoffice2o1oarfinall_setup
%mydoc%\wpi.2015\install\activadores\activar_office2010_red_pc.exe
%temp%\bd93.tmp
%temp%\1ea6.tmp
%programfiles%\msoffice2o1osetup___
%temp%\7zipsfx.000
%windir%\kmsem
%programfiles%\msoffice2o1oenfinall_setup
%sysdrive%\system volume information\_restore{3e36b588-1d08-458d-810b-267e3796de27}\rp9

File Names:

KMService.exe
A0001468.exe
KM Service.exe
KMS ZWT.exe
KMS.exe
A0502966.exe
kmservice.exe
KMService.exe.quarantined
kms.exe
KMSService.exe
gKMService.exe
KMSERVICE.EXE
KMS_VAMT.exe

Geography:

11.5%
9.7%
9.4%
7.3%
5.8%
5.0%
4.3%
4.0%
3.5%
3.4%
2.8%
2.6%
2.3%
2.1%
2.0%
1.8%
1.6%
1.5%
1.1%
1.0%
1.0%
0.8%
0.7%
0.7%
0.7%
0.7%
0.7%
0.6%
0.6%
0.5%
0.5%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 7 73.6%
Windows 10 15.9%
Windows 8.1 5.4%
Windows XP 2.7%
Windows 8 1.2%
Windows Vista 0.5%
Windows Server 2008 R2 0.5%
Windows Server 2003 0.1%
Windows Server 2012 R2 0.1%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000eab0

PE Sections:

Name Size of data MD5
.text 98304 847c8f3c2c65367d9bc7a421249dcdec
.rdata 8192 726f5b3eddb3db7b0a3ff59b9281cb49
.data 40960 efa20a48c4f88bbb172098c5198879b1

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for A0001468.exe
copyright for information about A0001468.exe