How to remove KMSSS.EXE
KMSSS.EXE
The module KMSSS.EXE has been detected as PUP.HackKMS
File Details
| Product Name: | KMS Server Emulator Service (XP) |
| Company Name: | MDL Forum, mod by Ratiborus |
| MD5: | 074adce00aa8c1a705a28f82f9b8781e |
| Size: | 270 KB |
| First Published: | 2017-05-22 11:11:41 (8 years ago) |
| Latest Published: | 2021-02-09 16:51:19 (4 years ago) |
| Status: | PUP.HackKMS (on last analysis) | |
| Analysis Date: | 2021-02-09 16:51:19 (4 years ago) |
Common Places:
| %commonappdata%\kmsauto\bin |
| %commonappdata%\kmsautos\bin |
| %desktop%\мои файлы\проги\activator\bin |
| %sysdrive%\activator\bin |
| %desktop%\activator\bin |
| %commonappdata%\kmsautos |
| %mydoc%\activator |
| %desktop%\activator |
| %commonappdata%\kmsauto |
| %commonappdata%\mslicense\kms |
File Names:
| KMSSS.exe |
| KMSSS.EXE |
Geography:
| Russia | 29.4% | |
| Ukraine | 10.7% | |
| Belarus | 7.3% | |
| Bolivia | 4.5% | |
| Brazil | 4.0% | |
| Peru | 4.0% | |
| United States | 2.8% | |
| Uzbekistan | 2.8% | |
| Kazakhstan | 2.8% | |
| Argentina | 2.3% | |
| France | 1.7% | |
| Turkey | 1.7% | |
| Vietnam | 1.7% | |
| Germany | 1.7% | |
| Jordan | 1.7% | |
| Chile | 1.7% | |
| Slovenia | 1.7% | |
| Philippines | 1.1% | |
| Iraq | 1.1% | |
| Greece | 1.1% | |
| United Kingdom | 1.1% | |
| Azerbaijan | 1.1% | |
| Mexico | 1.1% | |
| Paraguay | 1.1% | |
| Iran | 1.1% | |
| New Zealand | 0.6% | |
| Thailand | 0.6% | |
| Indonesia | 0.6% | |
| South Korea | 0.6% | |
| Serbia | 0.6% | |
| Egypt | 0.6% | |
| Hungary | 0.6% | |
| Spain | 0.6% | |
| Slovakia | 0.6% | |
| Bulgaria | 0.6% | |
| Italy | 0.6% | |
| Latvia | 0.6% | |
| Zimbabwe | 0.6% | |
| Colombia | 0.6% | |
| Pakistan | 0.6% |
OS Version:
| Windows 8.1 | 39.0% | |
| Windows 10 | 32.8% | |
| Windows 7 | 24.3% | |
| Windows Embedded 8.1 | 4.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00014836 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 184320 | e6e296a5bfad8fc63c5658a65a4a9cd2 |
| .rdata | 68608 | 6e9479e6ab1b3541ca20f535815e86b7 |
| .data | 7680 | 270d374c059ea82fb1eb658595b9d6ac |
| .rsrc | 1536 | a280babd163875692e6eaeeb51eae109 |
| .reloc | 13312 | cfe83507219f26e55b4fefca8d998be0 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for KMSSS.EXE
