How to remove A0002498.exe

A0002498.exe

The module A0002498.exe has been detected as Hack.AutoKMS

A0002498.exe
Remove A0002498.exe

File Details

Product Name:

SFXMaker
Company Name:

iSoft
MD5: a1f5e047b3b47d1091b4e8530b59e1a6
Size: 1 MB
First Published: 2017-07-08 20:00:47 (8 years ago)
Latest Published: 2024-09-29 23:02:24 (10 months ago)
Status: Hack.AutoKMS (on last analysis)
Analysis Date: 2024-09-29 23:02:24 (10 months ago)

Common Places:

%sysdrive%\$recycle.bin\s-1-5-21-696985813-4113403763-2967572783-1000\$rkct65y
%desktop%\macccccccontraseñapassword www.intercambiosvirtuales.org\aio\wpi17-stf\install
%sysdrive%\pelinternet\cosas de jdownloader\(wpi_2017_red_pc)\((( wpi 2017 )))\install
%sysdrive%\escritorio 5122017
%sysdrive%\evopack
%sysdrive%\evopack\evopack
%sysdrive%\((( wpi 2017 )))\install
%sysdrive%\system volume information\_restore{f8ccd778-5545-4803-8a46-1771e4277e4c}
%sysdrive%\wpi\wpi 2017\install
%sysdrive%\lenovo\documents\instalacion de programas\programacion\post install w7\instalar todos\instalar todos\office 2010

File Names:

EvoActivacionOffice2010.exe
A0002498.exe
EvoActivacionOffice2010 (1).exe
Activar Office2010.exe

Geography:

20.7%
20.7%
13.8%
10.3%
10.3%
3.4%
3.4%
3.4%
3.4%
3.4%
3.4%
3.4%

OS Version:

Windows 7 55.2%
Windows 10 37.9%
Windows 8.1 6.9%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00012a92

PE Sections:

Name Size of data MD5
.text 78336 d1cec477f10e224f513e53ddcdef345e
.rdata 17920 c4853a81f3e009e8cc6a2651b184d68a
.data 1536 bff8c39bed35500e67a2aa1c6b7dba26
.rsrc 139264 bea1d345f178acbc3f9d2bb5d1907088

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for A0002498.exe
copyright for information about A0002498.exe