How to remove Service_KMS.exe
- File Details
- Overview
- Analysis
Service_KMS.exe
The module Service_KMS.exe has been detected as Trojan.Agent
File Details
| Product Name: |
|
| MD5: |
4a9d1dd7eaeb211b0786ec1270561ada |
| Size: |
490 KB |
| First Published: |
2017-11-15 19:09:37 (7 years ago) |
| Latest Published: |
2024-06-17 23:00:55 (a year ago) |
| Status: |
Trojan.Agent (on last analysis) |
|
| Analysis Date: |
2024-06-17 23:00:55 (a year ago) |
| %programfiles%\kmspico |
| %sysdrive%\pogramas pc\officepro_13x_64bits_esp\activ_ ofi_13_permanente\activador office 2013\002 kms_activator\kmspico.v8.4-heldigard |
| %programfiles% |
| %sysdrive%\downloads\diversos\kmsactivador.rar\kmspico.v8.4-heldigard |
| %sysdrive%\imprescindibles\win_7\kmspico.v8.4 - activar windows 8 y office 2013.rar\kmspico.v8.4.www.mundomanuales.com |
| %sysdrive%\xfer\idm\microsoft office (2013)\sharewbb_kmstosnew08august\kms tools\kmspico |
| %sysdrive%\xfer\idm\microsoft office (2013)\sharewbb_kmstosnew08august.rar\sharewbb_kmstosnew08august\kms tools\kmspico |
| %sysdrive%\$recycle.bin\s-1-5-21-1740679853-1520997301-558946601-1000\$r8sw9cg\kmspico.v8.4 p-h.zip\kmspico.v8.4-heldigard |
| %sysdrive%\$recycle.bin\s-1-5-21-87135576-2087611795-607172523-1000\$rdqypgz\kmspico.v8.4 p-h.zip\kmspico.v8.4-heldigard |
| %sysdrive%\$recycle.bin\s-1-5-21-87135576-2087611795-607172523-1000\$rfx3m3o\kmspico.v8.4 p-h.zip\kmspico.v8.4-heldigard |
|
29.8% |
|
|
21.1% |
|
|
14.0% |
|
|
7.0% |
|
|
5.3% |
|
|
3.5% |
|
|
3.5% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
| Windows 7 |
64.4% |
|
| Windows 10 |
30.5% |
|
| Windows 8.1 |
5.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0007acce |
| MVID: |
d705cec4-c142-43ae-be67-aa4bb38c815b |
| Typelib ID: |
9a79266f-9bd7-4979-82c2-2f910d03f9bf |
| Name |
Size of data |
MD5 |
| .text |
495104 |
ee08acd3b4bd593e86b3cb7077836f46 |
| .sdata |
512 |
7aceccc8fcc6791e8c2f70fe400f883f |
| .rsrc |
5120 |
49fb134837269fe80c760ca188c4b111 |
| .reloc |
512 |
d72c975b00631a938251906f0a43aca1 |
