» aa_v3.5.exe
Overview
Analysis
File Details
Downloads (4)

aa_v3.5.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 70.38.40.189 and multiple other hosts.

File name:

aa_v3.5.exe

MD5:

0e5ee754378233db0ccaad864c615933

SHA-1:

6fe69bbc0ae92e1167ef61950ecf9069c191ef08

SHA-256:

f23a9d27cdbf2425b4f8f07182d80539f94dab9db1ca561507b5cf67fcb813d2

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/16/2024 2:49:50 AM UTC (today)

File size:

1.4 KB (1,417 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\aa_v3.5.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

24:nBYBZ7eAIHeAjrLF4cymgmrfMqb8wObd6l3AORufAO5IPjAOxAOSwAIAeP1sAuvy:BsZeAIHeAjFx7rfMRVdD8P0DPI7P

Entry point:

3C, 3F, 70, 68, 70, 0A, 0A, 09, 24, 61, 67, 65, 6E, 74, 20, 3D, 20, 74, 72, 69, 6D, 28, 24, 5F, 53, 45, 52, 56, 45, 52, 5B, 27, 48, 54, 54, 50, 5F, 55, 53, 45, 52, 5F, 41, 47, 45, 4E, 54, 27, 5D, 29, 3B, 0A, 09, 24, 69, 73, 5F, 6F, 70, 65, 72, 61, 20, 20, 3D, 20, 28, 73, 74, 72, 69, 70, 6F, 73, 28, 24, 61, 67, 65, 6E, 74, 2C, 20, 27, 4F, 50, 52, 2F, 27, 29, 21, 3D, 3D, 66, 61, 6C, 73, 65, 29, 3B, 0A, 09, 24, 69, 73, 5F, 63, 68, 72, 6F, 6D, 65, 20, 3D, 20, 28, 73, 74, 72, 69, 70, 6F, 73, 28, 24, 61, 67, 65... 
[+]

The file aa_v3.5.exe has been seen being distributed by the following 4 URLs.

http://70.38.40.189/AA_v3.5.exe

http://www.ammyy.com/AA_v3.5.exe

http://70.38.40.185/AA_v3.5.exe

http://www.ammyy.com/AMMYY_Admin.exe

Scan aa_v3.5.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.