Analysis MD5: df608bdb810684df278ba5e0c38c8885
Analysis of the file classifies it as a class F (Malicious). The file is malicious, do not use it. The trust index of this analysis is 100 % (certain).
AutoKMS.exe is part of the Trojanstartpage.DAW malware. This file is a security risk for your system and the system of others.
|First seen:||06 Dec, 2010|
|Last seen:||24 Jul, 2015|
|Last analysis:||06 Dec, 2017|
|File size:||615936 bytes (602 KB.)|
This file has no digital signature. The publisher of this file could not be verified.
File entropy match: File code
This file contains (executable) code.
Executable fileAn executable file causes a computer "to perform indicated tasks according to encoded instructions," as opposed to a data file that must be parsed by a program to be meaningful.
The determination of a file type is done with a signature or magic-numbers. Files are identified using by comparing the first set of bytes in the file header. Using this method type of files are recognised no matter the extension used. This information is useful to for example recognise executable files cloaked as images or movies.
Malicious code scan
Malicious code found
Agics makes een analysis of the source code of the file. We look for comparisons with known malicious source code. This is a good way to detect new malicious files which are in fact variations of existing, and known malicious files.
Fuzzy hash a.k.a. Context Triggered Piecewise Hashing
Context Triggered Piecewise Hashing, also called Fuzzy Hashing, can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length. Comparing a fuzzyhash is a good way to detect morphing malware. Malware which include random code in every copy to change its properties. Agics uses ssdeep to make create a fuzzyhash.
No match found
Online virus scanners
Available on virusshare.comVirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code. Presence of the sample on this site indicates that the file is (Once considered) being malicious.
National Software Reference Library
Not on the nsrl listThe NSRL contains a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts.
Statistic analysis of the file
|Similar to other files with the same name|
|Other files with the same name do not have a certificate as well|
|This is not a common file|
Neural network analysis
A neural network is a type of artificial intelligence. It recognized patterns nog clear for a human viewer. Our neural network is surprisingly accurate in recognizing dangerous files. The value below is the predicted chance the file is malicious.
Read feedback on this file from other users. Help other users by providing feedback yourself.