Online Virus Checker | v.1.0.140.174 |
DB Version: | 2023-09-30 12:04:05 |
Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.
File | file |
Checked | 2023-09-30 09:23:14 |
MD5 | 7737794b0d9818f463ed522e2cc498ae |
SHA1 | 0b6b3d0e71204d0b0b8f3fb78eaed89afb3e9d0c |
SHA256 | ad8b49621e35dd571c0d887af8c026f64b74b48ec1584e64844f83de023b6e96 |
SHA512 | e3c6bfd02ddb4ea666f1225e21aa71b60b5a7dd36edd9715be7481001b3fb307ea10646dd2a602fb6cab8a7b0e17ce01ee1ad1a018c4490af98008a800760e0a |
Imphash | a59b93a815ea9713a41e16c8d0248e4f |
File Size | 250368 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.bot without requiring further user intervention.
FileDescription | Embacucul |
LegalCopyright | Copyright (C) 2022, Anihumusa |
ProductsVersion | 48.78.0.28 |
ProductName | Kuyrnagi |
ProductionVersion | 1.28.15.189 |
Translation | 0x25bf 0x0ad4 |
6927a5e5fb733f9b44c4045305c8038e 2c14b4b30225305ffb5f9e8b0efab552 44d8dac2a2aaaaa0 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x00406b0e |
Compilation: | 2022-10-04 21:40:15 |
Checksum: | 0x00041fb4 (Actual: 0x00041fb4) |
OS Version: | 5.0 |
PDB Path: | C:\damaniyudi-viyutuferoyuf 23\tucixoza\71 wuzeza-tahumit fe.pdb |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 4 |
Imports: | KERNEL32, USER32, GDI32, ADVAPI32, ole32, |
Exports: | 0 |
Resources: | 31 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00028fec | 0x00029000 | b52be357d3c02c4388a4daecfc421e09 | 7.56 |
.data | 0x0002a000 | 0x0000cdc4 | 0x00002000 | bff252a8c66db618a411929e190829a7 | 2.49 |
.rsrc | 0x00037000 | 0x00010090 | 0x00010200 | 67cb4ea75fae7f874bf2cd66b993c3db | 4.60 |
.reloc | 0x00048000 | 0x00001ad2 | 0x00001c00 | 517c7046ff6f60d64d33b3119b9dfbe8 | 3.98 |