How to remove KMSELDI.exe

» File
File Details
Overview
Analysis

KMSELDI.exe

The module KMSELDI.exe has been detected as Hack.KMS

KMSELDI.exe

Remove KMSELDI.exe

File Details

Main Info:

Product Name:	KMS GUI ELDI
MD5:	f6b2a8c5437fead84fdb2d77cdaa4725
Size:	497 KB
First Published:	2017-06-07 04:05:21 (7 years ago)
Latest Published:	2022-07-17 23:55:55 (2 years ago)

Analysis:

Status:	Hack.KMS (on last analysis)
Analysis Date:	2022-07-17 23:55:55 (2 years ago)

Common Places:

%programfiles%\kmspico

%programfiles%

%sysdrive%\硬體\program files

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

Geography:

	58.7%
	13.0%
	6.5%
	6.5%
	4.3%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%

OS Version:

Windows 7	58.7%
Windows 10	32.6%
Windows 8	4.3%
Windows 8.1	4.3%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0007885e

.NET Info:

MVID:	46adf9dd-72ce-4497-91fe-0b663f32773b
Typelib ID:	863d9135-9365-4bee-95bf-0d83ded34d9f

PE Sections:

Name	Size of data	MD5
.text	485888	f683aec876f570177a15597dc8a44d54
.sdata	512	a53fcd2777e63eb56dfca7c09453613f
.rsrc	20992	0b816d3377de03f6ac25582fa240894c
.reloc	512	bb550c5173606e5ecb978a6e9f5b08ae

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSELDI.exe

copyright for information about KMSELDI.exe