Threat Database Potentially Unwanted Programs PUP.HackKMS.LA

PUP.HackKMS.LA

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.HackKMS.LA
Signature status:	No Signature

Known Samples

MD5: 871b58e5afaff2fcfd61ec687ea88e12

SHA1: 4a358d48bf728cd84d7a91a67b03e533f7c6e7be

SHA256: 5882A2D8FF3233F15120326F16A459CC7B98AA107D26F719E6D114D380C3E123

File Size: 20.01 KB, 20008 bytes

MD5: 777cdb736ecd2eaa247f110d9f86d288

SHA1: a672fd07ccadd8e151ce32823f16640b375d7b19

SHA256: C2ABA976194F66EA68F4F5975096BC609563D9462C56995289D58FC49DB9B142

File Size: 20.01 KB, 20008 bytes

MD5: 99d7dcd50e0822926391f2a6e4075880

SHA1: 3605b48789ab7a224bbea3af7b0384a4f30d7032

SHA256: FAEAD52D3B8947141370B55BC2CC7E809181761CAD16659F9CB4143D2DCF6408

File Size: 20.01 KB, 20008 bytes

MD5: dc0e3c6ef3756d7e776622f2457459e0

SHA1: 828e33e2f0017baa3d6420152480480e6c021787

SHA256: DAA7D5FE0964A5697EEB097A3EDF8A1A7EB332CA23790A228E72E1B69ADA6C71

File Size: 20.01 KB, 20008 bytes

MD5: 27fecf0ee1ff30e8b01384573bf866ea

SHA1: d1b82bf97e5e867c0b97423cfceb6e99793eb6bc

SHA256: 828507103550DBA5A5B0B18B7C6E64724A54F5D47C5EFD0910B2A6A3A1A92BDA

File Size: 20.01 KB, 20008 bytes

Show More

MD5: 5f4b44c1b0e23240304774d1006bfbc6

SHA1: 4bf9a90c0862cbb964cd0a86b56d0c5c567e4bd4

SHA256: F1FAE75AEC351624DF3AE3CF2213006895DC58AEBBBDDBEBEFFCE2BAA73E0AF6

File Size: 20.01 KB, 20008 bytes

MD5: e8852867fcb5b24578fb311bfc6546af

SHA1: 9d6c6d84120d40c7cdd1523b5943b80340aa4f73

SHA256: BA6557A74EA21451CFDFABC8C9B3A6082CBE5F13A25E35E44782431AEE4C20AA

File Size: 20.01 KB, 20008 bytes

MD5: ed40c91a5944cc3803a642cc47c55f49

SHA1: 7c71538aa13abafe37de5072ffffee61659b30ab

SHA256: 337AC5CEC11B27C28C5FB01C3804967DBC41727F90AE8F81A099C670ED745E88

File Size: 20.01 KB, 20008 bytes

MD5: 2033da2e050338ad755e1f409c7d3a50

SHA1: 5834ac1e0481c0a34f11927663def148de32eedf

SHA256: DD3F0E5998FC8591DB81D9E2DE757FD0A8C8191356F06784B66A6E61CF38D0D5

File Size: 20.01 KB, 20008 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have resources
File doesn't have security information
File is 64-bit executable
File is driver (IMAGE_SUBSYSTEM_NATIVE)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

dll
ntdll
x64

Block Information

Total Blocks:	42
Potentially Malicious Blocks:	38
Whitelisted Blocks:	4
Unknown Blocks:	0

Visual Map

x x x x x x 0 x x 0 x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x 0 x

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

HackKMS.LA

Windows API Usage

Category

API

Syscall Use

ntdll.dll!NtAccessCheck
ntdll.dll!NtAlertThreadByThreadId
ntdll.dll!NtAlpcSendWaitReceivePort
ntdll.dll!NtApphelpCacheControl
ntdll.dll!NtClose
ntdll.dll!NtConnectPort
ntdll.dll!NtCreateMutant
ntdll.dll!NtCreateSection
ntdll.dll!NtDuplicateToken
ntdll.dll!NtFreeVirtualMemory

Show More

ntdll.dll!NtMapViewOfSection
ntdll.dll!NtOpenFile
ntdll.dll!NtOpenKey
ntdll.dll!NtOpenKeyEx
ntdll.dll!NtOpenProcessToken
ntdll.dll!NtOpenProcessTokenEx
ntdll.dll!NtOpenSection
ntdll.dll!NtOpenSemaphore
ntdll.dll!NtOpenThreadTokenEx
ntdll.dll!NtProtectVirtualMemory
ntdll.dll!NtQueryAttributesFile
ntdll.dll!NtQueryDebugFilterState
ntdll.dll!NtQueryInformationProcess
ntdll.dll!NtQueryInformationThread
ntdll.dll!NtQueryInformationToken
ntdll.dll!NtQueryKey
ntdll.dll!NtQueryPerformanceCounter
ntdll.dll!NtQuerySecurityAttributesToken
ntdll.dll!NtQueryValueKey
ntdll.dll!NtQueryVirtualMemory
ntdll.dll!NtQueryVolumeInformationFile
ntdll.dll!NtQueryWnfStateData
ntdll.dll!NtReleaseMutant
ntdll.dll!NtReleaseSemaphore
ntdll.dll!NtReleaseWorkerFactoryWorker
ntdll.dll!NtRequestWaitReplyPort
ntdll.dll!NtSetEvent
ntdll.dll!NtSetInformationProcess
ntdll.dll!NtSetInformationVirtualMemory
ntdll.dll!NtSetInformationWorkerFactory
ntdll.dll!NtSubscribeWnfStateChange
ntdll.dll!NtTestAlert
ntdll.dll!NtTraceControl
ntdll.dll!NtUnmapViewOfSection
ntdll.dll!NtUnmapViewOfSectionEx
ntdll.dll!NtWaitForAlertByThreadId
ntdll.dll!NtWaitForSingleObject
ntdll.dll!NtWaitLowEventPair
ntdll.dll!NtWriteFile
UNKNOWN

Trending

Trojan.Agent.GYG

October 24, 2025

Analysis Report General information Family Name: PUP.HackKMS.LA Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated with...

Adware.Browster screenshot

Adware.Browster

February 3, 2026

Analysis Report General information Family Name: PUP.HackKMS.LA Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated with...

Trojan.Tasker.EA

October 15, 2025

Analysis Report General information Family Name: PUP.HackKMS.LA Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated with...

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

June 29, 2021 36,043

Printers are notorious for refusing to do their job whenever the user needs it the most. Luckily, if your printer is displaying the Printer Driver is Unavailable' error, then there are a couple of...

How to Fix 'macOS cannot verify that this app is...

November 15, 2021 29,128

Mac users usually encounter the 'macOS cannot verify that this app is free from malware' message while trying to install applications from unknown developers or ones that are not available on the...

Discord Shows Black Screen when Sharing Screen screenshot

Discord Shows Black Screen when Sharing Screen

June 21, 2021 28,872

When it first launched, Discord was a VoIP platform geared toward the gaming community. However, in the following years, it expanded its scope, added numerous new features, and became one of the...

Loading...