formingus 2 Posted January 22, 2023 Posted January 22, 2023 I am in GSM unlock business , sometimes protection are spread over my hard drive. Once i get hacked and now i am using Interactive mode of Firewall. I got some outbound connection for some test.dat. Scanning will not show any thing , is there a way to send for deep analyze of this file ? Because it maybe some protection of my software that use outbound and in this case if i block it my software will not work certain things!
Solution itman 1,806 Posted January 22, 2023 Solution Posted January 22, 2023 (edited) TCP Port 1688 is used by Microsoft's KMS service: https://www.speedguide.net/port.php?port=1688 . That is its used to verify the license status of Microsoft software such as Office, etc.. The first question is if you are using license cracking software such as KMSAuto? You mention GMS unlock activities which I assume has something to do with unlocked cell phones? Perhaps this test.dat file is associated with that. In any case, with zero detection's of it at VT, it doesn't appear to be malware. However your posted screen shot results shows a 4 year old scan result. Run a reanalyze on the file at VT. Edited January 22, 2023 by itman
Recommended Posts