How to remove gKMSELDI.exe
gKMSELDI.exe Removal: How to Get Rid of gKMSELDI.exee355f7d6346f2faeec0da5583a1ee9ec
- File Details
- Overview
- Analysis
gKMSELDI.exe
The module gKMSELDI.exe has been detected as Hack.KMS
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
e355f7d6346f2faeec0da5583a1ee9ec |
| Size: |
1 MB |
| First Published: |
2017-05-21 13:08:13 (2 years ago) |
| Latest Published: |
2018-12-06 20:04:19 (2 months ago) |
| Status: |
Hack.KMS (on last analysis) |
|
| Analysis Date: |
2018-12-06 20:04:19 (2 months ago) |
Overview
| %programfiles%\kmspico |
| %programfiles% |
| %sysdrive%\$recycle.bin\s-1-5-21-429557435-466669265-1786256089-1001 |
| %programfiles% |
|
27.8% |
|
|
16.7% |
|
|
9.7% |
|
|
9.7% |
|
|
4.2% |
|
|
4.2% |
|
|
4.2% |
|
|
4.2% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
| Windows 8.1 |
43.8% |
|
| Windows 10 |
35.6% |
|
| Windows 7 |
20.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0010b2be |
| MVID: |
5f0f8069-7544-43c9-9475-e118ec4f8457 |
| Name |
Size of data |
MD5 |
| .text |
1086464 |
9bd1ec44c367421282172d693f708869 |
| .rsrc |
20992 |
07e300b5551a88898d3164f7a801324d |
| .reloc |
512 |
74eaa11d30b6ca1fa35a894ba93cc188 |
