How to remove HEU_KMS_Activator.exe
- File Details
- Overview
- Analysis
HEU_KMS_Activator.exe
The module HEU_KMS_Activator.exe has been detected as Trojan.Agent
File Details
| Company Name: |
|
| MD5: |
e5767ef23d1017309547dee42f071387 |
| Size: |
3 MB |
| First Published: |
2017-05-22 08:09:41 (6 years ago) |
| Latest Published: |
2024-03-17 23:02:07 (a month ago) |
| Status: |
Trojan.Agent (on last analysis) |
|
| Analysis Date: |
2024-03-17 23:02:07 (a month ago) |
| %desktop%\heu kms activator 10.0 by gdaily |
| %temp%\rar$exa0.542\heu kms activator 10.0.0 |
| %temp%\rar$exa0.540\heu kms activator 10.0.0 |
| %profile%\downloads\dlc boot 2016 v3.1 final\dlc boot 2016 v3.1 final\dlc1\programs\windows\files\heukmsactivator.7z |
| %programfiles%\激活工具 |
| %desktop%\新增資料夾 (2)\1123135\win10_office2016激活\win10激活\heukmsactivator_10.0.10_xiazaizhijia |
| %mydoc%\office\activator\mso activation.rar |
| %mydoc%\office\activator\mso activation |
| %profile%\downloads\june2017_sanet.cd\june2017\heu kms activator 10.0.0 |
| %profile%\downloads\microsoft toolkit collection june 2017\heu kms activator 10.0.0 |
| HEU KMS Activator 10.0.exe |
| HEU_KMS_Activator.exe |
| HEU_KMS_Activator_v10.0.0.exe |
| KMS.exe |
| HEU KMS Activator 10.0 (2017_08_10 13_53_02 UTC).exe |
| Heu KMS.exe |
| TempKMSActivator.exe |
| HEU KMS Activator 10.0 (2018_02_16 05_43_06 UTC).exe |
|
9.7% |
|
|
6.3% |
|
|
5.6% |
|
|
4.8% |
|
|
4.5% |
|
|
4.1% |
|
|
4.1% |
|
|
4.1% |
|
|
3.7% |
|
|
3.7% |
|
|
3.3% |
|
|
3.3% |
|
|
3.0% |
|
|
2.2% |
|
|
2.2% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
| Windows 10 |
63.2% |
|
| Windows 7 |
30.9% |
|
| Windows 8.1 |
2.6% |
|
| Windows XP |
1.1% |
|
| Windows Embedded Standard |
0.7% |
|
| Windows Server 2012 R2 |
0.7% |
|
| Windows Server 2012 |
0.4% |
|
| Windows 8 |
0.4% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00017520 |
| Name |
Size of data |
MD5 |
| .text |
544768 |
724ec48c12da6bb4e41edee8787ecb92 |
| .rdata |
105472 |
8fad974e6f4502d88cb7fc04ef60f9cb |
| .data |
26624 |
9ae365febe633dd7b085f1477841566c |
| .rsrc |
64512 |
ef4798ecaac49a7fb514683cb61de61b |
