home

AutoPico.exe

AutoPico

ByELDI Certificate

The application AutoPico.exe by ByELDI Certificate has been detected as a potentially unwanted program by 6 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time.
Publisher:
ByELDI Certificate  (signed and verified)

Product:
AutoPico

Version:
8.6.1.0

MD5:
a9db63efc4439ddb5765f96016d3f337

SHA-1:
891f6449953f2aaea44bd882a1b6fc6bbc8852e7

SHA-256:
648784f2a8be542e5ee6e3654fa01565048c3956d8505f5acea706d813fd9778

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 10:06:17 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Trojan.Generic.10016734
10.0.0.5366

ESET NOD32
MSIL/HackTool.IdleKMS.B potentially unsafe application
7.0.302.0

F-Secure
Trojan.Generic.10016734
5.15.21

Microsoft Security Essentials
Threat.Undefined
1.213.5746.0

Norman
Trojan.Generic.10016734
18.01.2016 17:20:53

Sophos
PUA 'KMS Activator'
5.23

File size:
1.7 MB (1,810,200 bytes)

Product version:
8.6.1.0

Original file name:
AutoPico.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\kmspico\autopico.exe

Digital Signature
Signed by:
ByELDI Certificate

Authority:
ByELDI Certificate

Valid from:
11/17/2013 6:41:41 PM

Valid to:
12/31/2039 11:59:59 PM

Subject:
CN=ByELDI Certificate

Issuer:
CN=ByELDI Certificate

Serial number:
AB81DC9F367529BE42665B07570FFA05

File PE Metadata
Compilation timestamp:
11/20/2013 9:53:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:BomT1omoVSluLdNHXTrw90HSPxH2LU/o5dX99nCdC1tJ:LToYluL7jr28rkkX9x

Entry address:
0xA5FCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, CD, 8C, 52, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, 60, 0A, 00, 1C, 44, 0A, 00, 52, 53, 44, 53, 7B, 96, DD, FE, 7E, F0, B5, 4B, 9A, E9, D2, C8, 29, 1E, AB, 62, 01, 00, 00, 00, 4A, 3A, 5C, 44, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 56, 69, 73, 75, 61, 6C, 20, 53, 74, 75, 64, 69, 6F...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
656 KB (671,744 bytes)

Scheduled Task
Task name:
AutoPico Daily Restart

Trigger:
Daily (Runs daily at 11:59)


Remove AutoPico.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.