Gridinsoft Logo

Amd_ags_x64.dll Trojan Heuristic Analysis

Updated 1 month ago
Checked by Malware Check
amd_ags_x64.dll

Technical Analysis

File Name amd_ags_x64.dll
File Type
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Scanner Version 1.0.229.174
Database Version 2025-12-01 18:00:33 UTC

Trojan.Heur!.022120A2

Malware family: Heuristic

Heuristic detection uses behavioral analysis and pattern recognition to identify potential threats without specific signatures. This proactive approach detects suspicious code behavior that may indicate malware presence. Detection may occasionally produce false positives when legitimate software exhibits similar behavioral patterns.
N/A
Detection Rate
2,320,896
File Size (bytes)
2025-12-01
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
c7a278411c9527f807888e17908721e2
SHA1
669248a5b1c4821702cd5d8876de958684c64934
SHA256
ed1b2afcaef6d54c7180b7838eb13512cd7e877e4da78680066d2c31c2e36347
SHA512
20c8d9aef394dc7813bd859a05bb0b11cbbd9f8ae8e38e7ae191b01b7060b62d665d4ed1042f9969668a388d14842519b99dfcd2dbe9ea668d069da1b9977b10
ImpHash
3e94413763cd3c97109371309ead4067

PE Analysis

Basic Information

Image Base 0x180000000
Entry Point 0x1803b1992
Compilation Time 2025-11-30 16:22:48
Checksum 0x00000000 (Actual: 0x00241312)
OS Version 6.0
PEiD Signatures PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 5 libraries
KERNEL32, USER32, ADVAPI32, SHELL32, ole32
Exports 38 functions
Resources 1 Resources
Sections 10 Sections

Version Information

CompanyName Advanced Micro Devices, Inc.
FileDescription AMD GPU Services Library
FileVersion 6.0.1.0
LegalCopyright Copyright (C) 2020
ProductName AMD GPU Services Library
ProductVersion 6.0.1.0
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 242,444 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
.rdata 0x0003d000 2,046,972 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
.data 0x00231000 12,600 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.pdata 0x00235000 13,632 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
.fptable 0x00239000 256 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
RNE0 0x0023a000 1,256,966 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ D41D8CD98F00B204E9800998ECF8427E
RNE1 0x0036d000 136 bytes 512 bytes 0.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE B176C8A0E44FCDA07F82F2C7741D547B
RNE2 0x0036e000 2,317,796 bytes 2,317,824 bytes 7.92 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_NOT_PAGED|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 8535EDFFF40E388A20C4DDCB86C74D3E
.rsrc 0x005a4000 752 bytes 1,024 bytes 2.57 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 843EEA39C29C2372E4EACEBA847C006B
.reloc 0x005a5000 272 bytes 512 bytes 2.40 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ FDA3E9744F32A11A98C2A355B16C70CB
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 1 (664 bytes)
Resource Type Count Total Size Percentage
RT_VERSION 1 664 bytes
100%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Trojan.Heur!.022120A2 Removal

Gridinsoft has the capability to identify and eliminate Trojan.Heur!.022120A2 without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware