home

emflyh.exe

KMS GUI ELDI

@ByELDI

The application emflyh.exe has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
@ByELDI

Product:
KMS GUI ELDI

Version:
18.1.0.0

MD5:
10905304560ccb3ced7b76a89bd71d37

SHA-1:
66237d12ad8ac2f6226aaf2ea2ed25c36d5c136a

SHA-256:
93ffdb39887f59adbb6e4100ea777c8c01384867612b89254fa44f228b363034

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
5/10/2024 4:47:37 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.HackTool
7.1.1

avast!
Win32:HackTool-GK [PUP]
140929-0

ESET NOD32
MSIL/HackTool.IdleKMS.A potentially unsafe application
7.0.302.0

F-Prot
W32/A-48e0a306
v6.4.7.1.166

Norman
IdleKMS.A
11.20141002

VIPRE Antivirus
Threat.4150696
33520

Zillya! Antivirus
Tool.IdleKMS.Win32.2
2.0.0.1940

File size:
1.2 MB (1,272,886 bytes)

Product version:
18.1.0.0

Copyright:
Copyright © 2012

Original file name:
KMSELDI.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\kmspico\emflyh.exe

File PE Metadata
Compilation timestamp:
2/20/2013 5:32:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:NS1i0v1VxMM+qS1i0v1VxMM+0GH30S1i0v1VxMM+2t:NCi0vHkqCi0vHkRHkCi0vHkS

Entry address:
0xDCD7E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
875.5 KB (896,512 bytes)

Remove emflyh.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.