How to remove kms-r@1nhook.exe
- File Details
- Overview
- Analysis
kms-r@1nhook.exe
The module kms-r@1nhook.exe has been detected as Hijack.Explorer
File Details
| MD5: |
7e74f6f8ed323b6c6d6800af7a97cf7c |
| Size: |
4 KB |
| First Published: |
2017-05-21 11:05:01 (8 years ago) |
| Latest Published: |
2025-02-20 23:00:55 (5 months ago) |
| Status: |
Hijack.Explorer (on last analysis) |
|
| Analysis Date: |
2025-02-20 23:00:55 (5 months ago) |
| %sysdrive%\windows |
| %desktop%\recuper\windows |
| %sysdrive%\$recycle.bin\s-1-5-21-408480981-4064319745-3115365603-1001 |
| %windir% |
| %sysdrive%\$windows.~bt\newos |
| %sysdrive%\backup c\c |
| %sysdrive%\windows.old\cleanup\0000.~bt\newos |
| %desktop%\testdisk-7.1-wip |
| %sysdrive%\windows.old.001 |
| %desktop%\gerson docs\gerson r. fleck\windows.old |
| KMS-R@1nhook.exe |
| kms-r@1nhook.exe |
| $R1I93MQ.exe |
| f195402528.exe |
| f213298320.exe |
| KMS-R@1nhook.exe.quarantined |
| 398C74DC48A44D2C0F8F6A64FB13A153DBB6F0C4.exe |
| KMS-R@1nhook.exe.vir |
| KMS-R@1NHOOK.EXE |
| Brazil |
51.2% |
|
| Thailand |
8.1% |
|
| Vietnam |
5.2% |
|
| Indonesia |
5.1% |
|
| Taiwan |
4.7% |
|
| Turkey |
4.4% |
|
| Italy |
3.7% |
|
| Portugal |
2.1% |
|
| South Korea |
1.7% |
|
| Iran |
1.0% |
|
| Russia |
0.9% |
|
| Spain |
0.9% |
|
| Egypt |
0.8% |
|
| Jordan |
0.8% |
|
| India |
0.6% |
|
| United States |
0.5% |
|
| Sweden |
0.5% |
|
| Germany |
0.4% |
|
| Pakistan |
0.4% |
|
| Algeria |
0.4% |
|
| France |
0.3% |
|
| Mexico |
0.3% |
|
| Argentina |
0.3% |
|
| Netherlands |
0.2% |
|
| Ecuador |
0.2% |
|
| Ukraine |
0.2% |
|
| Hong Kong |
0.2% |
|
| Philippines |
0.2% |
|
| Saudi Arabia |
0.2% |
|
| Lebanon |
0.2% |
|
| Morocco |
0.2% |
|
| United Kingdom |
0.2% |
|
| Tunisia |
0.2% |
|
| Greece |
0.2% |
|
| Japan |
0.2% |
|
| Palestine |
0.2% |
|
| Angola |
0.2% |
|
| Nigeria |
0.2% |
|
| Poland |
0.1% |
|
| Armenia |
0.1% |
|
| Tanzania |
0.1% |
|
| Bangladesh |
0.1% |
|
| Peru |
0.1% |
|
| Australia |
0.1% |
|
| Somalia |
0.1% |
|
| Chile |
0.1% |
|
| Switzerland |
0.1% |
|
| Kazakhstan |
0.1% |
|
| United Arab Emirates |
0.1% |
|
| Malaysia |
0.1% |
|
| Libya |
0.1% |
|
| Paraguay |
0.1% |
|
| Israel |
0.1% |
|
| Serbia |
0.1% |
|
| China |
0.1% |
|
| Azerbaijan |
0.1% |
|
| Ireland |
0.1% |
|
| Mozambique |
0.1% |
|
| Panama |
0.1% |
|
| Cape Verde |
0.1% |
|
| Hungary |
0.1% |
|
| Romania |
0.1% |
|
| New Zealand |
0.1% |
|
| Bosnia and Herzegovina |
0.1% |
|
| Windows 10 |
75.4% |
|
| Windows 7 |
18.4% |
|
| Windows 8.1 |
4.4% |
|
| Windows 8 |
1.1% |
|
| Windows Server 2012 R2 |
0.5% |
|
| Windows Vista |
0.1% |
|
| Windows XP |
0.1% |
|
| Windows Server 2008 R2 |
0.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00001000 |
| Name |
Size of data |
MD5 |
| .text |
1024 |
2087ce3b7f5940a3e4cdbca11c9815df |
| .rdata |
1536 |
65144dd8ecd194a509e59914560fe5a7 |
| .pdata |
512 |
63f90834bf508c3c466106a0fd9df225 |
| .rsrc |
512 |
8d096de51d16180d98ba04bad2632f19 |
