Trojan Amadey Malware Analysis
| Online Virus Checker | v.1.0.136.174 |
| DB Version: | 2023-09-08 21:01:48 |
| Available languages: |        |
Scan Your File
Analyze suspicious files to detect malware and automatically share them with our team. You can compress your file into a zip archive (if needed, we use the password "infected" to extract before checking).
Trojan.Win32.Amadey.bot
Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.
| Checked: | 2023-09-08 19:06:13 |
| MD5: | c0be6125e7dcc58fa0fadcae2336c175 |
| SHA1: | 8f8f332da9bfdc766750a8d8374c092d91d906f7 |
| SHA256: | 003a08abfcfafcb17432cbbe07a9ad9f0f09be33c6dad635be8bf27a27ac6e23 |
| SHA512: | a552732212f407b368dc3a3e236cedc6c1d2f236c9eb02346784851e36fd19a1aa7e73fa77327306afe1364438142b7f188523b028e9fba4333baf7e713dc223 |
| Imphash: | ca5e654936223dcb46b3d455ca72de41 |
| File Size: | 324608 bytes |
Trojan.Win32.Amadey.bot Removal
Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.bot without requiring further user intervention.
- Start by downloading Gridinsoft Anti-Malware to your computer.
- Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
- Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
- Click on the "Standard Scan" button.
- After the scanning process is finished, click on "Clean Now" to remove any detected threats.
- If prompted, restart your system to complete the removal process.
File Version Information
| FileDescriptions | Anybodies |
| FileVersions | 92.51.49 |
| InternalName | Supermoto.exe |
| LegalCopyrights | Challangers bojala |
| ProductName | Bonni |
| ProductVersion | 27.5.34.0 |
| Translation | 0x124e 0x043a |
Portable Executable Info
 |
a9c070a70e374618855dee754549922e 8468458797249c706afdc7aa3651eea7 8864e190c6e72184 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x00408a1e |
| Compilation: | 2022-03-16 19:55:25 |
| Checksum: | 0x0005d963 (Actual: 0x0005d963) |
| OS Version: | 5.1 |
| PEiD: | - |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 3 |
| Imports: | KERNEL32, GDI32, ADVAPI32, |
| Exports: | 0 |
| Resources: | 31 |
Sections
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00026be4 | 0x00026c00 | 5897f88e7cec007ebea5c7bead720630 | 5.41 |
| .data | 0x00028000 | 0x01ebbec8 | 0x00016800 | da5b2c3d829468ec9de340bb6b9d10cd | 7.25 |
| .rsrc | 0x01ee4000 | 0x00011b48 | 0x00011c00 | faa42e902c7b77399b6d042f062d9cae | 3.82 |
