How to remove Service_KMS.exe
- File Details
- Overview
- Analysis
Service_KMS.exe
The module Service_KMS.exe has been detected as Backdoor.Zegost
File Details
| Product Name: |
|
| MD5: |
3cff415c03e3b4cbb719005ef23dea17 |
| Size: |
277 KB |
| First Published: |
2017-07-10 13:01:56 (6 years ago) |
| Latest Published: |
2020-10-03 06:43:22 (3 years ago) |
| Status: |
Backdoor.Zegost (on last analysis) |
|
| Analysis Date: |
2020-10-03 06:43:22 (3 years ago) |
| %programfiles%\kmspico |
| %sysdrive%\programs\w8 loader\releasesv6 |
| %programfiles% |
| %sysdrive%\software\kms |
| %sysdrive%\祺富\軟體\office2013 |
| %sysdrive%\backup oude schijf\c-schijf\documents\vuce nwe\fp activerings pakket\kmspico v6.0 final\pico.v6.0.finall.7z\releasesv6\releasesv6 |
| %sysdrive%\for yoyo\office 2013 破解軟體\kmspico v.6 |
| %sysdrive%\for yoyo\office 2013 破解軟體\kmspico v.6.rar |
| Windows 7 |
50.0% |
|
| Windows 10 |
40.0% |
|
| Windows Server 2012 |
10.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000434be |
| MVID: |
a6ff714e-3354-4113-9545-e48752b063bb |
| Typelib ID: |
9a79266f-9bd7-4979-82c2-2f910d03f9bf |
| Name |
Size of data |
MD5 |
| .text |
267776 |
9696ff9c8ae305e75a85a54d470d817e |
| .sdata |
512 |
10e2ea62743b266a13bf2178134b3ded |
| .rsrc |
14336 |
2c3e491d9da28cf3dbdfd4eb68c58399 |
| .reloc |
512 |
75d3488bd6972741be76160a40c76e81 |
