AA_V3.EXE is Trojan RemoteAccess.AmmyyAdmin
The file AA_V3.EXE is identified as a virus dropper.
The dropper AA_V3.EXE is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file AA_V3.EXE loads into the computer memory and tries to connect to the dangerous web site.
Usually the AA_V3.EXE dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the AA_V3.EXE process and delete the file AA_V3.EXE.
Malware Analysis of AA_V3.EXE
Full path on a computer: %Temp%\AA_v3.exe
Detected by UnHackMe:
Default location: %Temp%\AA_v3.exe
Removal Results: Success
Number of reboot: 1
AA_V3.EXE is known as:
- MD5: 3cd46aa0e216dc8a67a5a99499c1f7bb
- %Common Appdata%\AMMYY
- %Common Appdata%\AMMYY\hr
- %Common Appdata%\AMMYY\hr3
- %Common Appdata%\AMMYY\settings3.bin