home

3loz9b.exe

KMS GUI ELDI

@ByELDI

The application 3loz9b.exe has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
@ByELDI

Product:
KMS GUI ELDI

Version:
18.1.0.0

MD5:
78e626050ebe828554dd24f5807d5e65

SHA-1:
325dec39f1dff6b0de87adcb15a899c75d735494

SHA-256:
891d043702bbbd3408cb02572b51f3f47480d7c2a3de9234f79d74eed05c7514

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 1:59:51 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.HackTool
7.1.1

avast!
Win32:HackTool-GK [PUP]
140929-0

ESET NOD32
MSIL/HackTool.IdleKMS.A potentially unsafe application
7.0.302.0

F-Prot
W32/A-48e0a306
v6.4.7.1.166

Norman
IdleKMS.A
11.20141002

VIPRE Antivirus
Threat.4150696
33120

Zillya! Antivirus
Tool.IdleKMS.Win32.2
2.0.0.1940

File size:
1.2 MB (1,272,886 bytes)

Product version:
18.1.0.0

Copyright:
Copyright © 2012

Original file name:
KMSELDI.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\kmspico\3loz9b.exe

File PE Metadata
Compilation timestamp:
2/20/2013 5:32:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:NS1i0v1VxMM+qS1i0v1VxMM+0GH30S1i0v1VxMM+2u:NCi0vHkqCi0vHkRHkCi0vHkx

Entry address:
0xDCD7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
875.5 KB (896,512 bytes)

Remove 3loz9b.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.