home

aa_v3.4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.ammyy.com.
MD5:
07ea3c7c7e49cb29e59fe041341c54b8

SHA-1:
bacb38a658f7948f2771a5ae327148b01c87ef91

SHA-256:
6792f026f98dab0c54037e229de9206dba3953f0937137ac1715607f538bf4da

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 7:38:52 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:RemoteAdmin-B [PUP]
160118-1

Dr.Web
riskware program Program.RemoteAdmin.701
9.0.1.05190

File size:
723.4 KB (740,784 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\aa_v3.4.exe

File PE Metadata
Compilation timestamp:
1/14/2014 9:25:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:8YdNctvsfu2LVBfEf057C9lRt3i5olGJsxhzngH:HdNikfu2hBfE8ilRty5olGJsxSH

Entry address:
0x79AFE

Entry point:
A6, F5, FF, FF, CC, CC, 8B, 4D, F0, E9, 71, EB, FA, FF, B8, C4, 4A, 48, 00, E9, 92, F5, FF, FF, CC, CC, 8D, 4D, CC, E9, FC, 87, F8, FF, 8D, 4D, F0, E9, 55, EB, FA, FF, 8D, 4D, E4, E9, 4D, EB, FA, FF, FF, 75, DC, E8, 64, F5, FF, FF, 59, C3, B8, 00, 4B, 48, 00, E9, 64, F5, FF, FF, 8D, 4D, E4, E9, 9D, A3, FD, FF, B8, 24, 4B, 48, 00, E9, 52, F5, FF, FF, CC, CC, FF, 75, 08, FF, 75, F0, E8, 8B, B7, F9, FF, 59, 59, C3, 8B, 4D, F0, E9, 0F, EB, FA, FF, B8, 50, 4B, 48, 00, E9, 30, F5, FF, FF, FF, 75, 08, FF, 75, F0...
 
[+]

Code size:
508 KB (520,192 bytes)

The file aa_v3.4.exe has been seen being distributed by the following URL.

http://www.ammyy.com/AA_v3.4.exe

Scan aa_v3.4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.