How to remove AA.exe
AA.exe
The module AA.exe has been detected as Risk.RemoteAdmin
File Details
| Product Name: | Ammyy Admin |
| Company Name: | Ammyy LLC |
| MD5: | 3178f23055b264687995248286a1203b |
| Size: | 726 KB |
| First Published: | 2017-05-24 11:09:45 (7 years ago) |
| Latest Published: | 2020-12-16 18:44:30 (4 years ago) |
| Status: | Risk.RemoteAdmin (on last analysis) | |
| Analysis Date: | 2020-12-16 18:44:30 (4 years ago) |
Overview
| Signed By: | Ammyy |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %desktop%\ammyyadmin_v3.5_v3.4_crprt_\ammyy admin v3.4 corporate |
| %sysdrive%\tcpu65\programm\ammyyadmin |
| %profile%\desktop |
| %desktop%\ammyyadmin_v3.5_v3.4_crprt_\ammyyadmin_v3.5_v3.4_crprt_\ammyy admin v3.4 corporate |
| %profile%\downloads\ammyyadmin_v3.5_v3.4_crprt_.rar\ammyyadmin_v3.5_v3.4_crprt_\ammyy admin v3.4 corporate |
| %desktop%\sirket\magna\ammyyadmin_v3.5_v3.4_crprt_\ammyyadmin_v3.5_v3.4_crprt_\ammyy admin v3.4 corporate |
| %desktop%\sirket\magna\ammyyadmin_v3.5_v3.4_crprt_.rar\ammyyadmin_v3.5_v3.4_crprt_\ammyy admin v3.4 corporate |
| %desktop%\programs\ammyyadmin_v3.5_v3.4_crprt_\ammyyadmin_v3.5_v3.4_crprt_\ammyy admin v3.4 corporate |
| %sysdrive%\_data\_adm tools |
| %sysdrive%\install |
File Names:
| AA_v3.exe |
| AA.exe |
| Ammy.v3.4.Corporate.exe |
| Ammy Admin 3.4 Corporate Portable.exe |
| AA_v3.4 .exe |
| Ammy Admin 3.4 Corporate Portable.exe.quarantined |
| AA_v3.4 Corporate.exe |
| Ammy Admin 3.4.exe |
Geography:
| 37.7% | ||
| 21.7% | ||
| 20.3% | ||
| 5.8% | ||
| 5.8% | ||
| 2.9% | ||
| 1.4% | ||
| 1.4% | ||
| 1.4% | ||
| 1.4% |
OS Version:
| Windows 7 | 50.7% | |
| Windows 10 | 34.8% | |
| Windows 8.1 | 11.6% | |
| Windows Server 2003 | 1.4% | |
| Windows Server 2008 R2 | 1.4% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00079afe |
PE Sections:
| Name | Size of data | MD5 |
| .text | 520192 | b1998328aeb79f6c298221f84fa9e003 |
| .rdata | 69632 | 61a29261e85a07256a8447183f38de4d |
| .data | 98304 | 265a3d469d24c467db9409c8768e3636 |
| .rsrc | 45056 | 1c81aeb0e938b8708e5e97c468b221d2 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for AA.exe
