How to remove AutoKMS.exe

AutoKMS.exe

The module AutoKMS.exe has been detected as Trojan.HackKMS

AutoKMS.exe
Remove AutoKMS.exe

File Details

MD5: 582f07f389c28ce5a511269af927f0a3
Size: 4 MB
First Published: 2017-05-25 11:11:52 (6 years ago)
Latest Published: 2024-03-07 23:43:12 (a month ago)
Status: Trojan.HackKMS (on last analysis)
Analysis Date: 2024-03-07 23:43:12 (a month ago)

Common Places:

%windir%\autokms
%appdata%\zhp\quarantine
%windir%
%windir%
%windir%
%windir%
%windir%
%windir%
%windir%
%windir%

File Names:

AutoKMS.exe
AUTOKMS.del

Geography:

11.8%
7.1%
5.1%
4.9%
4.8%
4.1%
3.2%
2.6%
2.5%
2.5%
2.5%
2.5%
2.3%
2.3%
2.1%
2.0%
2.0%
1.7%
1.7%
1.7%
1.4%
1.4%
1.2%
1.2%
1.2%
1.1%
1.1%
1.1%
1.1%
0.9%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.6%
0.6%
0.6%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 10 64.9%
Windows 7 24.6%
Windows 8.1 8.1%
Windows 8 1.1%
Windows Server 2012 R2 0.9%
Windows XP 0.3%
Windows Server 2008 R2 0.2%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0049aeb0

.NET Info:

MVID: 1f216873-369f-4999-85bf-cfa0d204a984
Typelib ID: 3e577747-1842-4364-af1e-ed2a30c03f61

PE Sections:

Name Size of data MD5
.text 4820992 cd37580b4ad3399ab8ebeda2ea16fd19
.rsrc 374272 c1c2786d651571afcc3ead85c461492a
.reloc 512 43385771a7d581fce5eb5786184b215f

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for AutoKMS.exe
copyright for information about AutoKMS.exe