» aktywator.exe
Overview
Analysis
File Details
Programs (1)
Downloads (5)

aktywator.exe

mini-KMS Activator v1.053 ENG

FreeSoft

The application aktywator.exe, “mini-KMS Activator” has been detected as adware by 27 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program BankBrowser by DialCom24 Sp. z o.o.. The file has been seen being downloaded from revpx130.chomikuj.pl and multiple other hosts.

File name:

aktywator.exe

Publisher:

FreeSoft

Product:

mini-KMS Activator v1.053 ENG

Description:

mini-KMS Activator

Version:

1,0,5,3

MD5:

17af9ee08e6f11635f95176aa27b5fd4

SHA-1:

e5d0daf3886bc70a8af6aa54e6f22862fd354ca4

SHA-256:

a392f9f571b435bc273e3ce91ff47bd3a5dba041d473b3ce9f4474fc2f1f0daa

Scanner detections:

27 / 68

Status:

Adware

Analysis date:

11/24/2024 4:23:47 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Backdoor.Hupigon

7.1.1

AhnLab V3 Security

Dropper/Hupigon.1057280

2014.01.09

Avira AntiVirus

DR/Hupigon.212055.3

7.11.138.58

avast!

Win32:VBCrypt-AKV [PUP]

2014.9-140521

AVG

Generic24

2015.0.3528

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.14322

Bkav FE

W32.Clodf99.Trojan

1.3.0.4613

Comodo Security

UnclassifiedMalware

17576

ESET NOD32

Win32/HackKMS.A potentially unsafe application

8.0.319.0

Fortinet FortiGate

W32/KeyGen.DW!tr

5/21/2014

herdProtect (fuzzy)

variant of mini-kms activator v1.2 office2010 vl eng.exe (Adware)

2014.5.21.4

IKARUS anti.virus

possibleThreat.Activator.Microsoft

t3scan.2.2.29

Malwarebytes

Riskware.Crk

v2014.03.22.05

McAfee

Crack-WindowsWGA.c

5600.7184

Microsoft Security Essentials

HackTool:Win32/Offact

1.10401

MicroWorld eScan

Trojan.ADH

15.0.0.423

NANO AntiVirus

Trojan.Win32.Hupigon.nesrr

0.28.0.58491

Norman

Suspicious_Gen2.AZVAG

11.20140322

nProtect

Backdoor/W32.Hupigon.1057280.B

14.01.08.02

Reason Heuristics

Win32.Generic

16.2.23.18

Rising Antivirus

PE:Trojan.Win32.Generic.1247EB4E!306703182

23.00.65.14320

Sophos

Troj/KeyGen-DW

4.96

Total Defense

malicious

37.0.10498

Trend Micro House Call

HKTL_KEYGEN

7.2.81

Trend Micro

HKTL_KEYGEN

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic

25220

ViRobot

Backdoor.Win32.A.ZAccess.1057280

2011.4.7.4223

File size:

1 MB (1,074,176 bytes)

Product version:

1,0,5,3

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

2/7/2009 6:33:08 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

12288:XhkqqrSo4VXMuc9cdQqiZIVgQ1HeH0e1a9E0PU08NTjreLnYwaU087HdS99NaqfF:XhcghM8BR6a9E0PFQ/U0jscq13p6p

Entry address:

0x298210

Entry point:

60, BE, 15, A0, 59, 00, 8D, BE, EB, 6F, E6, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 6D, 69, 29, 00, 57, 83, C3, 04, 53, 68, EE, E1, 0F, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

1020 KB (1,044,480 bytes)

The file aktywator.exe has been discovered within the following program.

BankBrowser by DialCom24 Sp. z o.o.

BankBrowser is part of the Przelewy24 software.

www.bankbrowser.pl

About 3% of users remove it

The file aktywator.exe has been seen being distributed by the following 5 URLs.

http://revpx130.chomikuj.pl/.../File.aspx?e=bDbSGGuoTDhfhBb4mocVzGSIwsUD3AQd6teXtchrz41JfUkmMZJpe8X4bwFMopyjavj7s2bxIJriRV_jlLYyQQEsoP77ZkfGI2bdQihd8iFdaeEkD2v3jehEJJAPFjA-ACzbS9bHaOZofqbueg9HFw&pv=2

https://mega.co.nz/temporary/.../c1Q1yDpT

http://mokart.pl/Aktywator.exe

ftp://hal.pc.pl/home/smb/Instalki/biuro/.../Aktywator.exe

http://s.alkom.info/~lwojs/.../Aktywator.exe

Remove aktywator.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.