How to remove AmmyAdmin.exe
- File Details
- Overview
- Analysis
AmmyAdmin.exe
The module AmmyAdmin.exe has been detected as Risk.RemoteAdmin
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
8654490aa54bc78c5397727d02f997f9 |
| Size: |
782 KB |
| First Published: |
2020-02-22 08:05:25 (5 years ago) |
| Latest Published: |
2022-11-01 23:06:28 (3 years ago) |
| Status: |
Risk.RemoteAdmin (on last analysis) |
|
| Analysis Date: |
2022-11-01 23:06:28 (3 years ago) |
Overview
| %sysdrive% |
| %profile% |
| %desktop% |
| %profile% |
| %profile% |
| %profile% |
| %profile%\downloads |
| %profile% |
| %programfiles% |
| %localappdata%\microsoft\windows\inetcache\ie |
|
21.7% |
|
|
13.0% |
|
|
13.0% |
|
|
8.7% |
|
|
8.7% |
|
|
8.7% |
|
|
4.3% |
|
|
4.3% |
|
|
4.3% |
|
|
4.3% |
|
|
4.3% |
|
|
4.3% |
|
| Windows 10 |
82.6% |
|
| Windows 8.1 |
8.7% |
|
| Windows 7 |
8.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00080d18 |
| Name |
Size of data |
MD5 |
| .text |
557056 |
30a292b712defa45567f7d3d877b1e8c |
| .rdata |
106496 |
e7a02a9a884c6d212160cab3911bc4f0 |
| .data |
81920 |
dc8df12eed7f3158926754e3a4788a87 |
| .rsrc |
45056 |
f6897fe44832faadd2ac9ae82c5421b1 |
