Trojan:Win32/Amadey.MA!MTB removal instruction

The Trojan:Win32/Amadey.MA!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Amadey.MA!MTB virus can do?

Authenticode signature is invalid

How to determine Trojan:Win32/Amadey.MA!MTB?


File Info:
name: 3EA906B578EB79CA2495.mlw
path: /opt/CAPEv2/storage/binaries/986cecd49a26ec67a02c3a5ed9e74d016d77b8e5b8cdd88d1b18fdc047cd3b40
crc32: 55CC5876
md5: 3ea906b578eb79ca249567292ff7057c
sha1: 369108252cc2e6c09b18eb072906e34fec574c3d
sha256: 986cecd49a26ec67a02c3a5ed9e74d016d77b8e5b8cdd88d1b18fdc047cd3b40
sha512: e42ac583fb5c64cbfa5e98ef037694a7b9637c4462b5d58a46512364d69b39a2fda1b4c7a10948623e8d0e04f3ac6b7aa17fa582691ea61d21a1f093b33cc978
ssdeep: 3072:D/ey++qgbeH0bG0uZRQsSlR/QoIegRQod4l:LeQJvb/uZRQ52lD4l
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T14BB35B217591C072D6AD0A791864ABB1CB7EB810DF745DEB37940A7AAE342C29F30D36
sha3_384: b094f977a46b51e19b30fb231977d2779c035d4461f27bdd048837c6f7a6fb524bb7c63b36fea2e1cfdf16356f9665b0
ep_bytes: 558bec837d0c017505e8ef030000ff75
timestamp: 2024-02-27 18:59:19

Version Info:
0: [No Data]

Trojan:Win32/Amadey.MA!MTB also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.446682
FireEye	Gen:Variant.Zusy.446682
Malwarebytes	Trojan.ClipBanker
CrowdStrike	win/malicious_confidence_90% (W)
Arcabit	Trojan.Zusy.D6D0DA
BitDefenderTheta	Gen:NN.ZedlaF.36744.gu4@a8olsCdi
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/ClipBanker.SJ
ClamAV	Win.Malware.Zusy-10015683-0
Kaspersky	HEUR:Trojan.Win32.Agent.gen
BitDefender	Gen:Variant.Zusy.446682
NANO-Antivirus	Trojan.Win32.ClipBanker.kiiqgo
Avast	Win32:TrojanX-gen [Trj]
Rising	Trojan.ClipBanker!8.5FB (TFE:5:nquGHEI3J2D)
Emsisoft	Gen:Variant.Zusy.446682 (B)
F-Secure	Trojan.TR/ClipBanker.cxhsg
VIPRE	Gen:Variant.Zusy.446682
TrendMicro	TROJ_GEN.R011C0DC224
Google	Detected
Avira	TR/ClipBanker.cxhsg
Antiy-AVL	Trojan/Win32.ClipBanker
Microsoft	Trojan:Win32/Amadey.MA!MTB
ZoneAlarm	HEUR:Trojan.Win32.Agent.gen
GData	Gen:Variant.Zusy.446682
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Amadey.C5582822
MAX	malware (ai score=84)
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R011C0DC224
Tencent	Win32.Trojan.Agent.Ikjl
Ikarus	Trojan.Win32.Clipbanker
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Trojan:Win32/Amadey.MA!MTB?

Trojan:Win32/Amadey.MA!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X