kmstools.exe

WZT

The application kmstools.exe by WZT has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
WZT  (signed and verified)

MD5:
1eea783653b94cf451d8348aa3067fa8

SHA-1:
2c12455f2a7b081c23bab8eb1ec06a49ecd963d5

SHA-256:
1ef0f20d0683ceac664660fd90b1b283aeab60f7495cc8fc2f93d80ac30804b5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 6:48:44 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MSFree.WZT (M)
17.3.2.17

File size:
17.4 MB (18,235,512 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kmstools.exe

Digital Signature
Signed by:

Authority:
WZT

Valid from:
11/8/2015 9:15:49 AM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=WZT

Issuer:
CN=WZT

Serial number:
08A8E826950F1A9940262589FCAF0B8F

File PE Metadata
Compilation timestamp:
4/24/2016 9:51:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

Entry address:
0x1000

Entry point:
68, F0, 06, 00, 00, 68, 00, 00, 00, 00, 68, 0C, B5, 54, 01, E8, E6, B0, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, DF, B0, 00, 00, A3, 10, B5, 54, 01, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, CC, B0, 00, 00, A3, 0C, B5, 54, 01, B8, 5E, FD, 46, 00, A3, A4, B5, 54, 01, E8, B2, E9, 01, 00, E8, E3, DE, 01, 00, E8, 38, DC, 01, 00, E8, C3, CD, 01, 00, E8, 6F, B6, 01, 00, E8, 19, AE, 01, 00, E8, EC, A3, 01, 00, E8, 21, 8B, 01, 00, E8, 1E, 88, 01, 00, E8, CB, 85, 01, 00, E8, 86, 6C, 01, 00...
 
[+]

Packer / compiler:
PKLITE32, 0x1.1

Code size:
373 KB (381,952 bytes)

Remove kmstools.exe - Powered by Reason Core Security