Gridinsoft Logo

6f31b1b2b0f080c1569d5dfb2840244be2c8ef84824b0fecf686c6e42def3aa7 Trojan Amadey Analysis

Trojan Amadey
Updated on 2024-04-04 (8 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.171.174
DB Version: 2024-04-04 15:00:12

Trojan.Win32.Amadey.tr

Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.

File 6f31b1b2b0f080c1569d5dfb2840244be2c8ef84824b0fecf686c6e42def3aa7
Checked 2024-04-04 12:35:57
MD5 880a075ad80df403c769a3fe24dff9d4
SHA1 de151458c131aff98d149a7c9dd4d34f9b74c8bb
SHA256 6f31b1b2b0f080c1569d5dfb2840244be2c8ef84824b0fecf686c6e42def3aa7
SHA512 6525f1b41415b2ee47d2804f828f5ad445272a1112e5d8756004c509da4b91388813858c93d7f1b34dcde9e4e799d48dc318bd34a5bff7be5c7e7c8cbc9e3035
Imphash 2eabe9054cad5152567f0699947a2c5b
File Size 1912320 bytes

Trojan.Win32.Amadey.tr Removal

Trojan.Win32.Amadey.tr Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.tr without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

Portable Executable Info

Image Base: 0x00400000
Entry Point: 0x008bb000
Compilation: 2024-03-03 06:02:23
Checksum: 0x001d4622 (Actual: 0x001dc998)
OS Version: 6.0
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 7
Imports: kernel32,
Exports: 0
Resources: 1

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
0x00001000 0x00068000 0x0002ea00 8c93bb17403252a2e28dcfbd1a57fb94 7.98
.rsrc 0x00069000 0x000001e0 0x00000200 8c39ef38ac0cc0f995a723f6b6bcb474 4.53
.idata 0x0006a000 0x00001000 0x00000200 17662c92043abde8b4b3074dcc401ca6 1.02
0x0006b000 0x002ae000 0x00000200 e5cce162d06d79b39466fe59921abf1b 0.26
scktkwxv 0x00319000 0x001a1000 0x001a0600 1a7774100cb6c140e98c26505658090b 7.95
rdcbyvpq 0x004ba000 0x00001000 0x00000600 6c3020c75b67aa4bdbe01f529dfbbd45 5.15
.taggant 0x004bb000 0x00003000 0x00002200 2d091599815d3919287fee7489381caf 0.74

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware