Gridinsoft Logo

2288-306-0x0000000001110000-0x00000000015DA000-memory.dmp Trojan Amadey Analysis

Trojan Amadey
Updated on 2024-07-24 (1 month ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.183.174
DB Version: 2024-07-24 15:00:17

Trojan.Win32.Amadey.tr

Amadey is a formidable Windows infostealer threat, characterized by its persistence mechanisms, modular design, and ability to execute various malicious tasks. It typically infiltrates systems through phishing emails or malicious downloads. Once inside a system, Amadey can capture sensitive information such as login credentials, personal data, and financial details. Its modular structure allows threat actors to customize its functionality, making it a versatile tool in cybercriminal arsenals.

File 2288-306-0x0000000001110000-0x00000000015DA000-memory.dmp
Checked 2024-07-24 12:17:58
MD5 d9dd6a7056719b9c0cae67241f2c63e6
SHA1 319e0a39c1146621eff0c216cc19b87221a1de4b
SHA256 76fb588c54b8aa2ebc269ea3b845a40077f18aef9b071cd4a675b5bacb56e479
SHA512 13cf301128b8e4a154ca78f1777316441ce547f4c184507eabb5445e4277666eae5ce57c06597cecebd7eec26240825ef87b7c8c899330f4e269266d6c3d637c
File Size 5021696 bytes

Trojan.Win32.Amadey.tr Removal

Trojan.Win32.Amadey.tr Removal

Gridinsoft has the capability to identify and eliminate Trojan.Win32.Amadey.tr without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

Portable Executable Info

Image Base: 0x01110000
Entry Point: 0x015d7000
Compilation: 2024-06-04 08:24:10
Checksum: 0x001d8d3e (Actual: 0x004d42dc)
OS Version: 6.0
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 7
Imports: 0
Exports: 0
Resources: 0

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
0x00001000 0x00068000 0x0002dc00 e1de0603de91f4fd20b09a813861d254 6.55
.rsrc 0x00069000 0x000001e0 0x00000200 44e339fe7cf21425831d768d19429496 6.12
.idata 0x0006a000 0x00001000 0x00000200 4d70f82af1d5403ab4c47a1bf06adb78 6.28
0x0006b000 0x002b5000 0x00000200 376458d2c9d22b063d1672931de87734 6.07
qhedmxhi 0x00320000 0x001a6000 0x001a5a00 f165220cdee4aa6709f77576ef1f4b88 5.12
aflvgrfd 0x004c6000 0x00001000 0x00000400 ec26486f831d46acdcbeb0bd18afa6e2 6.65
.taggant 0x004c7000 0x00003000 0x00002200 5eaa59315a6719d97741e62d71eeb8be 6.72

Leave a comment *

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Learn more Download Now