How to remove AA_v3.exe
AA_v3.exe
The module AA_v3.exe has been detected as Risk.RemoteAdmin
File Details
| Product Name: | Ammyy Admin |
| Company Name: | Ammyy LLC |
| MD5: | 18e6fbf3a7799ead04694742028458de |
| Size: | 701 KB |
| First Published: | 2017-07-13 16:11:08 (7 years ago) |
| Latest Published: | 2019-12-12 13:46:35 (4 years ago) |
| Status: | Risk.RemoteAdmin (on last analysis) | |
| Analysis Date: | 2019-12-12 13:46:35 (4 years ago) |
Overview
| Signed By: | Ammyy |
| Status: | Valid |
Common Places:
| %profile%\desktop |
| %profile%\downloads |
| %windir%\system32 |
| %desktop% |
| %sysdrive%\tc image1717\programs\internet |
| %sysdrive% |
| %profile% |
| %sysdrive%\total commander\utilites |
| %sysdrive%\all backup\backup\manual backup\sharebackup\1396\960526\farahzadi\فرحزادي\d\new folder (2)\نصرتی\paya\old\other |
| %sysdrive%\all backup\backup\manual backup\sharebackup\1396\960526\nosrati\paya\old\paya cd\other |
File Names:
| AMMYY-遠端連線.exe |
| AA_v3.exe |
| AMMYY_Admin.exe |
| Ammyy.exe |
| Core Destek.exe |
| Ammyy Admin 3.3.exe |
| aa_v3.exe |
Geography:
| 44.0% | ||
| 20.0% | ||
| 8.0% | ||
| 8.0% | ||
| 4.0% | ||
| 4.0% | ||
| 4.0% | ||
| 4.0% | ||
| 4.0% |
OS Version:
| Windows 7 | 48.0% | |
| Windows Server 2012 R2 | 36.0% | |
| Windows 10 | 12.0% | |
| Windows 8.1 | 4.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00076d3e |
PE Sections:
| Name | Size of data | MD5 |
| .text | 507904 | 2d00c8eadf550aa76f62b8f210d63b94 |
| .rdata | 69632 | 5413c7e634c120fd0f7ebe456c024b70 |
| .data | 86016 | 847933c619d8d67928ef946d081046b7 |
| .rsrc | 45056 | 266fe0c2f0f4e2cf63e9a96ee07f4715 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for AA_v3.exe
