Trojan Amadey Malware Analysis
| Online Virus Checker | v.1.0.136.174 |
| DB Version: | 2023-09-09 22:06:45 |
| Available languages: |        |
Scan Your File
Analyze suspicious files to detect malware and automatically share them with our team. You can compress your file into a zip archive (if needed, we use the password "infected" to extract before checking).
Trojan.Win32.Amadey.bot
Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.
| Checked: | 2023-09-09 19:47:25 |
| MD5: | 3c28d2f99e19a586383f8fefff593b0a |
| SHA1: | a9afe6d62f943363121a3f825eb7758356569f78 |
| SHA256: | f31b5c76c10461457e57846f0f4b244c7426bc83eb1ccb3faf656ef10e1de844 |
| SHA512: | 77902497803c181356c24bf4e1c3b3bb3a5ab00f91d6cb469c7ec9e9d57d110e080626c45cba8391b946ae1f28ab79000a7370e9e5832316608b45d876d09a0b |
| Imphash: | 50d502518d56615a0453ce4cbded78b5 |
| File Size: | 306688 bytes |
Trojan.Win32.Amadey.bot Removal
Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.bot without requiring further user intervention.
- Start by downloading Gridinsoft Anti-Malware to your computer.
- Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
- Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
- Click on the "Standard Scan" button.
- After the scanning process is finished, click on "Clean Now" to remove any detected threats.
- If prompted, restart your system to complete the removal process.
File Version Information
| FileDescription | Silvuple |
| LegalCopyright | Copyright (C) 2022, Vombat |
| OriginalFilename | petshop.exe |
| ProductsVersion | 23.51.62.52 |
| ProductName | Huickers |
| ProductionVersion | 77.85.94.62 |
| Translation | 0x05bf 0x0ad4 |
Portable Executable Info
 |
30d9f2da167839d2f352c363751420f4 6811193c0481cac1ee1643e9b98cafed a48694a4a48ca4c8 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x0040649a |
| Compilation: | 2023-03-13 02:52:33 |
| Checksum: | 0x00057845 (Actual: 0x00057845) |
| OS Version: | 5.0 |
| PDB Path: | C:\gicolutamid19\wicuxo\38\donan_zafaxul.pdb |
| PEiD: | - |
| Sign: | The PE file does not contain a certificate table. |
| Sections: | 4 |
| Imports: | KERNEL32, USER32, |
| Exports: | 0 |
| Resources: | 36 |
Sections
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x00027948 | 0x00027a00 | 09fa6698379249ae51b81aee0f8e3f77 | 7.57 |
| .data | 0x00029000 | 0x01fd41e8 | 0x00002e00 | 2f12a92f54a4c5a0d278284859b4195a | 2.27 |
| .rsrc | 0x01ffe000 | 0x000167c0 | 0x00016800 | c49577e4c4e4beb7628a3344184b15b3 | 4.14 |
| .reloc | 0x02015000 | 0x0000987c | 0x00009a00 | 4d638fecb7014cdf867d93f2496d4353 | 1.03 |
