How to remove AA_v3.5.exe
- File Details
- Overview
- Analysis
AA_v3.5.exe
The module AA_v3.5.exe has been detected as Risk.RemoteAdmin
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
5686a7032e37087f0fd082a04f727aad |
| Size: |
751 KB |
| First Published: |
2017-07-27 00:10:30 (7 years ago) |
| Latest Published: |
2021-01-12 12:06:02 (4 years ago) |
| Status: |
Risk.RemoteAdmin (on last analysis) |
|
| Analysis Date: |
2021-01-12 12:06:02 (4 years ago) |
Overview
| Signed By: |
Ammyy LLC |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %sysdrive% |
| %programfiles%\nbys ah |
| %desktop% |
| %desktop% |
| %profile% |
| %profile% |
| %desktop% |
| %desktop% |
| %sysdrive%\!system files |
| %desktop% |
| AA_v3.exe |
| AA_v3.5.exe |
| NBYS_Remote.exe |
| aa_v3(5).exe |
|
28.6% |
|
|
21.4% |
|
|
21.4% |
|
|
14.3% |
|
|
7.1% |
|
|
7.1% |
|
| Windows 7 |
50.0% |
|
| Windows 10 |
35.7% |
|
| Windows 8.1 |
7.1% |
|
| Windows 8 |
7.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0007c1ae |
| Name |
Size of data |
MD5 |
| .text |
532480 |
6c1d1d6ff27fa91fd6ba26bee86639cc |
| .rdata |
98304 |
cefbb1b9f297a97c0c8bffde68176261 |
| .data |
81920 |
c7e3d8d8ab83ee6a3ac3d42305096470 |
| .rsrc |
45056 |
88871540d5f40346c0862dba1e09db1f |
