Reason Labs

yu9gzcp6juy.exe

The application yu9gzcp6juy.exe has been detected as Riskware.KMSPico.HackUtility.
MD5:
31a4670faf21acb5d550e29a36356991

SHA-1:
54c3a5f5549ce0f37c3c471e14fb74c219eb11ef

SHA-256:
7ce7cdcdaf0dfeeb92f94362a354bb1d13413d9a21b00c7ce311ec553216d433

Detection:
Riskware.KMSPico.HackUtility

Risk:
Low

Analysis date:
10/19/2018 3:17:28 AM UTC  (today)

File size:
255.1 KB (261,174 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kmspico\yu9gzcp6juy.exe

File PE Metadata
Compilation timestamp:
3/2/2013 10:03:45 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

Entry address:
0x1296F

Entry point:
E8, 99, 98, 00, 00, E9, 87, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 24, 89, 43, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, D8, 05, 43, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 24, 89, 43, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00...
 
[+]

Characteristics:
0x258

Code size:
156 KB (159,744 bytes)

yu9gzcp6juy.exe is installed together with the following file.

Riskware.KMSPico.HackUtility
04qmeol8keh.exe  (74bd2dcbd23476cbbc0e78ff0305c133477c00e6)

There are numerous known code variantions that share the same compilation structure.

Riskware.KMSPico.HackUtility
zwptxqtmfev.exe  (7dd1917baeb0511be15150e61298a08d2edbcbb5)

Riskware.KMSPico.HackUtility
yrttm6dgpci.exe  (cdf496f1249e23589d0cc436186ae4a520d944e9)

Riskware.KMSPico.HackUtility
ybgzkrhtytm.exe  (f4099eebef71d2d225ff4bb57d07af8cd180d099)

Riskware.KMSPico.HackUtility
xxipn0rmpgi.exe  (0741ce2648890bfc6188f06a11db5201962e6383)

Riskware.KMSPico.HackUtility
xl3dkp8o9hk.exe  (7b038423cd400f5c3d0fff53e2fe8d9ea1b8eefb)

Riskware.KMSPico.HackUtility
xa76955nhk0.exe  (ce952806aad4b93301b4cba7f250c5a6690477b7)

Riskware.KMSPico.HackUtility
wtpxotcxnl1.exe  (6d075293a9d0eb446ff8d8941d00bf9fd3e0829d)

Riskware.KMSPico.HackUtility
wrp4s1rbt3i.exe  (8b6ba242c7135e53f92dbb18c6c13bb07ce1faf6)

Riskware.KMSPico.HackUtility
wf9fgoj0zr5.exe  (34014a7caa83bde8df632977883ca3ba315a5cf7)

Riskware.KMSPico.HackUtility
wamp46cggn6.exe  (5c1987c8b67e244ab81efaa900a7088620e31086)

Riskware.KMSPico.HackUtility
v5raffy6lej.exe  (28705d53fb32bb092966518f8165f6c6d961083d)

Riskware.KMSPico.HackUtility
v3wkjxz3ts3.exe  (4cfca08d7bc01a8b844bd6ecdd0b365c6eb027d7)

Riskware.KMSPico.HackUtility
uqw9efoolf0.exe  (744cb2cbc616b74555d60ca80b0b034898a6a1db)

Riskware.KMSPico.HackUtility
u85auvy1gmo.exe  (15644ffbcc5dd7dad38d7b58995143743fa2f8a4)

Riskware.KMSPico.HackUtility
u6bffr0t77q.exe  (94d1e762d952c65fb1a44b6938ce9e1feba173a8)

Download Reason Core Security - Powerful anti-malware software