SecurityHome.eu HackTool:MSIL/Gendows

Home / malware PDF

HackTool:MSIL/Gendows

First posted on 17 June 2014.
Source: Microsoft
Aliases :
There are no other names known for HackTool:MSIL/Gendows.
Explanation :
Threat behavior

This hacktool can be used to activate a pirated version of Microsoft Windows (Windows Vista, Windows 7, Windows 8 and Windows 8.1) and Microsoft Office (Office 2003, Office 2007, Office 2010 and Office 2013).

It is installed as a Key Management Service (KMS) in %SystemDrive% and a front end GUI usually uses this service to automatically activate Windows and Office. An example of the GUI can be seen below.

Analysis by Zhitao Zhou

Symptoms

Alerts from your security software may be the only symptom.

Last update 17 June 2014

TOP

Malware :

Backdoor:Win32/Heloag.A
Exploit:Win32/CVE-2011-3402
Trojan:Win32/Obfac
Exploit:Win32/Pdfjsc.YP
TrojanDownloader:Win32/Bofang.B

Last 20