How to remove AutoKMS.exe
- File Details
- Overview
- Analysis
AutoKMS.exe
The module AutoKMS.exe has been detected as Virtool.Gendows
File Details
MD5: |
3f32141c078bd6a21d75cbe5a888039c |
Size: |
1 MB |
First Published: |
2017-05-22 07:07:25 (6 years ago) |
Latest Published: |
2022-01-06 21:38:42 (2 years ago) |
Status: |
Virtool.Gendows (on last analysis) |
|
Analysis Date: |
2022-01-06 21:38:42 (2 years ago) |
%windir%\autokms |
%sysdrive%\windows |
%appdata%\zhp\quarantine |
%windir% |
%sysdrive%\windows.old.000\windows |
%windir% |
%windir% |
%windir% |
%windir% |
%windir% |
|
18.5% |
|
|
13.4% |
|
|
10.4% |
|
|
8.1% |
|
|
5.3% |
|
|
3.4% |
|
|
3.2% |
|
|
2.8% |
|
|
2.6% |
|
|
2.5% |
|
|
1.9% |
|
|
1.7% |
|
|
1.5% |
|
|
1.5% |
|
|
1.3% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
Windows 7 |
74.9% |
|
Windows 10 |
16.1% |
|
Windows 8.1 |
5.4% |
|
Windows 8 |
2.4% |
|
Windows Vista |
0.7% |
|
Windows XP |
0.4% |
|
Analysis
Subsystem: |
Windows CUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0014ba56 |
MVID: |
e9f55e58-3f78-4602-92a6-bf5357b66a6e |
Typelib ID: |
58acc958-754c-480c-9c3b-77a6573ae75e |
Name |
Size of data |
MD5 |
.text |
1350656 |
0749f564ae30512b0b0e361b5e095a56 |
.rsrc |
373760 |
8c912942d65ddc7ec1535b8ebe54b8f9 |
.reloc |
512 |
fccdbc2e2b72139ca3d0ac445d555af0 |