How to remove gMSActBackup.exe
- File Details
- Overview
- Analysis
gMSActBackup.exe
The module gMSActBackup.exe has been detected as Hack.KMS
File Details
| Product Name: |
|
| MD5: |
e70f7d1845669196b151cf3e8f9a0231 |
| Size: |
1 MB |
| First Published: |
2017-09-09 16:01:31 (7 years ago) |
| Latest Published: |
2022-11-26 23:57:30 (2 years ago) |
| Status: |
Hack.KMS (on last analysis) |
|
| Analysis Date: |
2022-11-26 23:57:30 (2 years ago) |
Overview
| Signed By: |
WZT |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %profile%\downloads\программы\all activation windows (7-8-10) v14.0 2017\all activation\kms\microsoft product keys 2.6.3\tools\msbak |
| %profile%\downloads\compressed\[www.gigapurbalingga.com]_mipk120m\mpk1.2\tools\msbak |
| %desktop%\microsoft product keys 2\new folder\microsoft product keys 2.6.3\tools\msbak |
| %programfiles%\mpk 2.6\tools\msbak |
| %desktop%\downlpad\all activation windows 7-8-10 v12.0 (windows @amp; office activator) [sadeempc]\all_activation_windows__7-8-10__v12.0\all activation\kms\microsoft product keys 2.6.3\tools\msbak |
| %profile%\downloads\activadores all\all activation windows 7-8-10 v12.0 (windows @amp; office activator) [sadeempc]\all activation\kms\microsoft product keys 2.6.3\tools\msbak |
| %profile%\downloads\activaton\all activation\kms\microsoft product keys 2.6.3\tools\msbak |
| %desktop%\all activation windows (7-8-10) v13.5 2017\all activation\kms\microsoft product keys 2.6.3\tools\msbak |
| %desktop%\windows 10 activation\all activation windows 7-8-10 v12.0 (windows @amp; office activator) [sadeempc]\all activation\kms\microsoft product keys 2.6.3\tools |
| %mydoc%\vuze downloads\microsoft product keys v1.1.0 - full\tools |
| MSActBackup.exe |
| gMSActBackup.exe |
|
20.9% |
|
|
8.7% |
|
|
4.7% |
|
|
4.1% |
|
|
4.1% |
|
|
4.1% |
|
|
3.5% |
|
|
3.5% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
| Windows 10 |
52.9% |
|
| Windows 7 |
35.4% |
|
| Windows 8.1 |
7.4% |
|
| Windows 8 |
3.7% |
|
| Windows XP |
0.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00001000 |
| Name |
Size of data |
MD5 |
| .code |
47616 |
1a2eb53d9e5e31b3f816bb11808d35ba |
| .text |
354304 |
008e7b9f1dd5dffbf4675a0e74735100 |
| .rdata |
37376 |
29d74d3144da11e2084b05e9ffa3cf2c |
| .data |
619008 |
4e25919026156b449ea79e4660524129 |
| .rsrc |
69632 |
b41896b63fdeb4ea25cac562184cdd94 |
