How to remove KMSoffline.exe

» File
File Details
Overview
Analysis

KMSoffline.exe

The module KMSoffline.exe has been detected as Ransom.Wacatac

KMSoffline.exe

Remove KMSoffline.exe

File Details

Main Info:

Product Name:	KMSoffline
MD5:	8773f9289c52c8e5666bf7ef5f7b4ac2
Size:	3 MB
First Published:	2023-12-08 23:41:54 (2 years ago)
Latest Published:	2023-12-08 23:41:54 (2 years ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2023-12-08 23:41:54 (2 years ago)

Common Places:

%mydoc%\01.09.2023-pvp\programs

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0038057e

.NET Info:

MVID:	94c8bdc1-7991-4f00-a653-0cb75dbd4573
Typelib ID:	88a20b9a-df30-459e-ab99-4d688a426cf7

PE Sections:

Name	Size of data	MD5
.text	3663360	55ee4d0b2deacbaf07608604af76b760
.sdata	512	a1a36081d31d35294360986b5f2bafb2
.rsrc	73216	ad1f96fa564e2132a5e4a9b7621ca50e
.reloc	512	6cc8af17a8b538a9ed9350d2b058919d

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSoffline.exe

copyright for information about KMSoffline.exe