AutoPico.exe

AutoPico

ByELDI Certificate

The application AutoPico.exe by ByELDI Certificate has been detected as a potentially unwanted program by 23 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler, triggered daily at a specified time.

Publisher: ByELDI Certificate (signed and verified)
Product: AutoPico
Version: 8.6.2.0
MD5: 68fd9e2f29ba2590634244a3d233d34f
SHA-1: 4f073faaee76506d32cf9df3e7631ef346301139
SHA-256: a9af515156d0973f1acaa843b5116fe9250a48e7b84c141f575587d21dca8f43
Scanner detections: 23 / 68
Status: Potentially unwanted
Analysis date: 4/26/2024 9:16:46 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.10050438 | 364 |
| AhnLab V3 Security | Trojan/Win32.ADH | 2013.12.29 |
| AVG | Dropper.Msil | 2017.0.2842 |
| Baidu Antivirus | Trojan.Win32.Generic | 4.0.3.1625 |
| Bitdefender | Trojan.Generic.10050438 | 1.0.20.180 |
| Bkav FE | W32.Clod024.Trojan | 1.3.0.4613 |
| Emsisoft Anti-Malware | Trojan.Generic.10050438 | 8.16.02.05.06 |
| ESET NOD32 | MSIL/HackTool.IdleKMS (variant) | 10.9190 |
| Fortinet FortiGate | W32/Generic!tr | 2/5/2016 |
| F-Secure | Trojan.Generic.10050438 | 11.2016-05-02_6 |
| G Data | Trojan.Generic.10050438 | 16.2.22 |
| IKARUS anti.virus | Virus.Dropper | t3scan.2.2.29 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.706 |
| McAfee | RDN/Generic Dropper!sk | 5600.6498 |
| MicroWorld eScan | Trojan.Generic.10050438 | 17.0.0.108 |
| NANO AntiVirus | Trojan.Win32..congbf | 0.28.0.57029 |
| Norman | Agent.AOQWC | 11.20160205 |
| nProtect | Trojan.GenericKD.1419735 | 14.01.15.01 |
| Panda Antivirus | Generic Malware | 16.02.05.06 |
| Reason Heuristics | PUP.Optional.ByELDICertificate.Task | 16.2.5.18 |
| Trend Micro House Call | TROJ_GEN.R0CBC0PLM13 | 7.2.36 |
| Trend Micro | TROJ_GEN.R0CBC0PLM13 | 10.465.05 |
| VIPRE Antivirus | Trojan.Win32.Generic | 24728 |

File size: 1.7 MB (1,810,712 bytes)
Product version: 8.6.2.0
Original file name: AutoPico.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\Program Files\kmspico\autopico.exe

Digital Signature
Authority: ByELDI Certificate
Valid from: 11/18/2013 1:41:41 AM
Valid to: 1/1/2040 6:59:59 AM
Subject: CN=ByELDI Certificate
Issuer: CN=ByELDI Certificate
Serial number: AB81DC9F367529BE42665B07570FFA05

File PE Metadata
Compilation timestamp: 11/21/2013 12:26:46 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 11.0
.NET CLR dependent: Yes
CTPH (ssdeep): 12288:komT1omoVSl0HNHXTrw90HSPxHuQQ8mo5QX99nCdCCmG:oToYl0tjr28Qo1X9c
Entry address: 0xA600E
Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 656.5 KB (672,256 bytes)

Scheduled Task
Task name: AutoPico Daily Restart
Trigger: Daily (Runs daily at 11:59)

