Reason Labs

xl3dkp8o9hk.exe

The application xl3dkp8o9hk.exe has been detected as Riskware.KMSPico.HackUtility.
MD5:
f4899e736f3baf4b292fd46a9e2a2474

SHA-1:
7b038423cd400f5c3d0fff53e2fe8d9ea1b8eefb

SHA-256:
7da5ad9714c6035e7daef663093bd34475f220eb0949c9e0c4fd593dfdf802b9

Detection:
Riskware.KMSPico.HackUtility

Risk:
Low

Analysis date:
12/12/2018 12:20:54 PM UTC

File size:
255.1 KB (261,174 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kmspico\xl3dkp8o9hk.exe

File PE Metadata
Compilation timestamp:
3/2/2013 10:03:45 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

Entry address:
0x1296F

Entry point:
E8, 99, 98, 00, 00, E9, 87, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 24, 89, 43, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, D8, 05, 43, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 24, 89, 43, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00...
 

Characteristics:
0x258

Code size:
156 KB (159,744 bytes)

xl3dkp8o9hk.exe is installed together with the following file.

Riskware.KMSPico.HackUtility
04qmeol8keh.exe  (74bd2dcbd23476cbbc0e78ff0305c133477c00e6)

There are numerous known code variations that share the same compilation structure.

