» mini-kms_activator_v1.31_office2010_vl_rus.exe
Overview
Analysis
File Details
Downloads (2)

mini-kms_activator_v1.31_office2010_vl_rus.exe

mini-KMS_Activator

FreeSoft

The application mini-kms_activator_v1.31_office2010_vl_rus.exe, “mini-KMS Activator v1.31 Office2010 VL RUS” has been detected as adware by 41 anti-malware scanners. This is a setup program which is used to install the application. It is also typically executed from the user's temporary directory.

File name:

Publisher:

FreeSoft

Product:

mini-KMS_Activator

Description:

mini-KMS Activator v1.31 Office2010 VL RUS

Version:

1,3,1,0

MD5:

5fca0499396b9ab97a8b4239d2c3708e

SHA-1:

4d4b15e61d31b75b429bc1f03fd40e260d424a1b

SHA-256:

380a533f24a43d4580b7235d7a927eb1661e5a669e339461c6a7959e7f3a7d1e

Scanner detections:

41 / 68

Status:

Adware

Analysis date:

1/15/2025 5:05:59 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.7581271

956

Agnitum Outpost

Trojan.DR.Agent

7.1.1

AhnLab V3 Security

Trojan/Win32.KeyGen

2014.06.12

avast!

Win32:Malware-gen

2014.9-140624

AVG

Crack.CO.dropper

2015.0.3434

Baidu Antivirus

Hacktool.Win32.HackKMS

4.0.3.14624

Bitdefender

Trojan.Generic.7581271

1.0.20.875

Bkav FE

W32.Clodda9.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

18521

Emsisoft Anti-Malware

Trojan.Generic.7581271

8.14.06.24.08

ESET NOD32

Win32/HackKMS

8.9932

Fortinet FortiGate

W32/Keygen.DX!tr

6/24/2014

F-Prot

W32/HackMS.A

4.6.5.141

F-Secure

Trojan.Generic.7581271

11.2014-24-06_3

G Data

Trojan.Generic.7581271

14.6.24

IKARUS anti.virus

not-a-virus.Activator.KMS

t3scan.1.6.1.0

McAfee

Artemis!5FCA0499396B

5600.7090

Microsoft Security Essentials

HackTool:Win32/Keygen

1.10600

MicroWorld eScan

Trojan.Generic.7581271

15.0.0.525

Norman

Suspicious_Gen2.BZDVI

11.20140624

nProtect

Trojan.Generic.7581271

14.06.11.01

Panda Antivirus

Trj/CI.A

14.06.24.08

Qihoo 360 Security

Win32/Trojan.b7f

1.0.0.1015

Reason Heuristics

Win32.Generic

16.4.28.22

Rising Antivirus

PE:Trojan.Win32.Generic.12A809C0!313002432

23.00.65.14622

Sophos

Troj/Keygen-DX

4.98

Total Defense

malicious

37.0.10994

Trend Micro House Call

TROJ_SPNR.04CI11

7.2.175

Trend Micro

TROJ_SPNR.04CI11

10.465.24

VIPRE Antivirus

HackTool.Win32.Keygen

30218

File size:

1 MB (1,052,672 bytes)

Product version:

1,3,1,0

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\mini-kms_activator_v1.31_office2010_vl\mini-kms_activator_v1.31_office2010_vl_ru\mini-kms_activator_v1.31_office2010_vl_rus.exe

File PE Metadata

Compilation timestamp:

2/7/2009 10:33:08 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

24576:8eodxrUY501euz1Js7FltjCG6eDbV8y/8tIt/07Lcshwi9eRd:8diY21TMXrV8yUtUG/x8R

Entry address:

0x27CD30

Entry point:

60, BE, 15, 40, 58, 00, 8D, BE, EB, CF, E7, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 6D, A9, 27, 00, 57, 83, C3, 04, 53, 68, 0A, 8D, 0F, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

1000 KB (1,024,000 bytes)

The file mini-kms_activator_v1.31_office2010_vl_rus.exe has been seen being distributed by the following 2 URLs.

about:internet

http://download.hdd.tomsk.ru/.../qjluaozo?37fbe37c91cb58eb283cb3e0c84482eb

Remove mini-kms_activator_v1.31_office2010_vl_rus.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.