Online Virus Checker | v.1.0.179.174 |
DB Version: | 2024-06-13 16:00:39 |
Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.
File | Dctooux.exe |
Checked | 2024-06-13 13:56:19 |
MD5 | b301aadbc50a1ab085f8ef2268aed5e2 |
SHA1 | 435d32f0176818fc8bdcced29b58e359894b7f27 |
SHA256 | 7b4dc90b59760320253596a753556de932a32fd1967726b7321a0095760f7bcf |
SHA512 | 698c8ca820f1e973d3671243eee4aeaec93a52711577ec885be89018cefdb3fed992995c210c9e78b06ef2b134fa60cc8406e87862357613282102bf76cb299d |
Imphash | 759b6088a173126a12a6f044026a6925 |
File Size | 397824 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.tr without requiring further user intervention.
FileVersions | 76.23.27.13 |
InternalName | Storm |
FileDescription | Line |
LegalCopyright | Copyrights (C) 2023, fulletienen |
OriginalFilenames | GileraScooters |
ProductName | Viejestedios |
ProductVersions | 68.51.78.19 |
Translation | 0x16fe 0x06da |
6399e5b02aa9ccf05207f108d122f385 27d041a43177618d7bd4cdbe6adb4ae3 c8b4a4a4a4a494e0 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x004043ff |
Compilation: | 2023-10-10 14:19:53 |
Checksum: | 0x00069e1c (Actual: 0x00069e1c) |
OS Version: | 5.1 |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 4 |
Imports: | KERNEL32, USER32, GDI32, ADVAPI32, WINHTTP, |
Exports: | 0 |
Resources: | 30 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00010eaa | 0x00011000 | 0a1003efa98016c7cf15d700d9260e08 | 6.70 |
.rdata | 0x00012000 | 0x00006e50 | 0x00007000 | 296f3eef47f0b3df0be50e3c45f969a8 | 4.77 |
.data | 0x00019000 | 0x0026b368 | 0x0003b600 | 7341a2b93820e963ca73fb7d60d7d38a | 7.92 |
.rsrc | 0x00285000 | 0x0000d748 | 0x0000d800 | 86de5e4024d63026ae482482463f20ff | 4.51 |