AA_V3.EXE is Trojan RemoteAccess.AmmyyAdmin

The file AA_V3.EXE is identified as a virus dropper.
The dropper AA_V3.EXE is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file AA_V3.EXE loads into the computer memory and tries to connect to the dangerous web site.
Usually the AA_V3.EXE dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the AA_V3.EXE process and delete the file AA_V3.EXE.

Malware Analysis of AA_V3.EXE
Full path on a computer: %Temp%\AA_v3.exe

Detected by UnHackMe:

AA_V3.EXE
Default location: %Temp%\AA_v3.exe

Removal Results: Success
Number of reboot: 1

AA_V3.EXE is known as:

Trojan.RemoteAccess.AmmyyAdmin

AA_V3.EXE hash:

  • MD5: 3cd46aa0e216dc8a67a5a99499c1f7bb
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect AA_V3.EXE presence?

Folders:
  • %Common Appdata%\AMMYY
Files:
  • %Common Appdata%\AMMYY\hr
  • %Common Appdata%\AMMYY\hr3
  • %Common Appdata%\AMMYY\settings3.bin
  • %Temp%\AA_v3.exe

Fix it immediately!

Free Download

UnHackMe removes malware invisible for your antivirus!

Leave a Reply