Petshop.exe Trojan Amadey Analysis

Trojan Amadey
Updated on 2023-09-10 (9 months ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.138.174
DB Version:2023-09-10 23:01:43

Trojan.Win32.Amadey.bot

Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.

Filepetshop.exe
Checked2023-09-10 20:15:53
MD50b263f996aae42dba6b44055e63b505a
SHA1f2dd15d70b895cf0ed30317c23114c784c663c93
SHA256b08c232382225409d470264836307781964829e59136644fc442335ec32a22c1
SHA512592ea1a1c3decb8adb50b3d95833dabe2e5debed2c6f8a27dcec312a62344c4801546fe6ef5dd7ccd505bfb6f5105729458e857f8a9c1b4d7986aedd95eb5f90
Imphashb16718553937fc97fe24af91640ef655
File Size255488 bytes

Trojan.Win32.Amadey.bot Removal

Trojan.Win32.Amadey.bot Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.bot without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileDescriptionSilvuple
LegalCopyrightCopyright (C) 2022, Uniqum
OriginalFilenamepetshop.exe
ProductsVersion9.50.11.69
ProductNameMoran
ProductionVersion59.44.80.70
Translation0x05bf 0x0ad4

Portable Executable Info

5215ed5e8b7df13df7a6b2197bba031a
a9a5e23bae8ccf7afef5cdc647580a22
a4a6a8a4b48ca4c8
Image Base:0x00400000
Entry Point:0x0040648a
Compilation:2023-03-13 16:27:27
Checksum:0x0004899d (Actual: 0x0004899d)
OS Version:5.0
PDB Path:C:\suzixuvixi-rina\xarofarecay\bedihadexole\napisa.pdb
PEiD:PE32 executable (GUI) Intel 80386, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:4
Imports: KERNEL32, USER32,
Exports: 0
Resources:19

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x00027c12 0x00027e00 1a2a82e61682390c9c71755d61bcf3a1 7.56
.data 0x00029000 0x01fd41e8 0x00002e00 ff6129a432c0d88617911226e5d82136 2.28
.rsrc 0x01ffe000 0x00009cd8 0x00009e00 f3b0dc5f6bf9eebe04e91a11ede7ac44 4.16
.reloc 0x02008000 0x000097f8 0x00009800 37300b3fc3cec8a9fa094ee4198a164c 1.04

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware