GridinSoft Threat Intelligence
atikmdag.sys threat report
GridinSoft Anti-Malware detection
Detected by GridinSoft before you download
The current ThreatInfo record shows this exact file hash detected as Trojan.Generic. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.
- Detection name: Trojan.Generic
- Recommended action: Scan and remove
- Last analysis: 2021-11-29 21:40:50 (4 years ago)
- File hash: 53df9d8d74705669998ade8ded542909
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as Trojan.Generic.
First seen 2021-11-29 21:40:50 (4 years ago); latest analysis 2021-11-29 21:40:50 (4 years ago).
Company metadata: Advanced Micro Devices, Inc. Product metadata: ATI Radeon Family.
ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present.
File context
atikmdag.sys is a Windows file recorded in the ThreatInfo database. It is associated with ATI Radeon Family. The reported company name is Advanced Micro Devices, Inc. The current detection status is Trojan.Generic, based on the latest analysis from 2021-11-29 21:40:50 (4 years ago).
If atikmdag.sys appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as Trojan.Generic.
File Details
| Product Name: | ATI Radeon Family |
| Company Name: | Advanced Micro Devices, Inc. |
| MD5: | 53df9d8d74705669998ade8ded542909 |
| Size: | 22 MB |
| First Published: | 2021-11-29 21:40:50 (4 years ago) |
| Latest Published: | 2021-11-29 21:40:50 (4 years ago) |
| Status: | Trojan.Generic (on last analysis) |
| Analysis Date: | 2021-11-29 21:40:50 (4 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Common Places:
| %system% |
ThreatInfo has observed atikmdag.sys in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.
Geographic signal
Observed country distribution
ThreatInfo has seen atikmdag.sys in 1 country. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is United States with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for atikmdag.sys is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
atikmdag.sys is identified as a PE file for 64-bit systems. The subsystem is Native. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as Trojan.Generic
This report identifies atikmdag.sys by MD5 53df9d8d74705669998ade8ded542909. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.