How to remove KMSELDI.exe

» File
File Details
Overview
Analysis

KMSELDI.exe

The module KMSELDI.exe has been detected as Hack.KMS

KMSELDI.exe

Remove KMSELDI.exe

File Details

Main Info:

Product Name:	KMS GUI ELDI
MD5:	d751b0e7260af2843c79d9e228696cc3
Size:	803 KB
First Published:	2017-05-28 18:14:03 (7 years ago)
Latest Published:	2024-03-27 23:06:55 (10 months ago)

Analysis:

Status:	Hack.KMS (on last analysis)
Analysis Date:	2024-03-27 23:06:55 (10 months ago)

Overview

Digital Signature

Signed By:	ByELDI Certificate
Status:	Valid

Common Places:

%programfiles%\kmspico

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

Geography:

	25.0%
	25.0%
	12.5%
	12.5%
	8.3%
	4.2%
	4.2%
	4.2%
	4.2%

OS Version:

Windows 7	45.8%
Windows 8.1	41.7%
Windows 10	12.5%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000c48fe

.NET Info:

MVID:	8f4c0a90-65f7-448d-8bfb-e89d25abd547
Typelib ID:	863d9135-9365-4bee-95bf-0d83ded34d9f

PE Sections:

Name	Size of data	MD5
.text	797184	df5ccaeed6c0fbca6cc137dfb3b0cc4e
.sdata	512	bb2926cd58795fc498e6f9c7b2804b2e
.rsrc	20992	f564065dde0a47389df36447672d0714
.reloc	512	a8b44402d54fec3136d72c58cbf70954

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSELDI.exe

copyright for information about KMSELDI.exe