GridinSoft Threat Intelligence
atikmdag.sys threat report
GridinSoft Anti-Malware detection
Detected by GridinSoft before you download
The current ThreatInfo record shows this exact file hash detected as Trojan.Generic. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.
- Detection name: Trojan.Generic
- Recommended action: Scan and remove
- Last analysis: 2024-05-30 23:01:11 (2 years ago)
- File hash: 71e9e3cdd83c723650fb9d2e4a3e468f
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as Trojan.Generic.
First seen 2024-05-30 23:01:11 (2 years ago); latest analysis 2024-05-30 23:01:11 (2 years ago).
Company metadata: Advanced Micro Devices, Inc. Product metadata: ATI Radeon Famil.
ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present.
File context
atikmdag.sys is a Windows file recorded in the ThreatInfo database. It is associated with ATI Radeon Famil. The reported company name is Advanced Micro Devices, Inc. The current detection status is Trojan.Generic, based on the latest analysis from 2024-05-30 23:01:11 (2 years ago).
If atikmdag.sys appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as Trojan.Generic.
File Details
| Product Name: | ATI Radeon Famil |
| Company Name: | Advanced Micro Devices, Inc |
| MD5: | 71e9e3cdd83c723650fb9d2e4a3e468f |
| Size: | 25 MB |
| First Published: | 2024-05-30 23:01:11 (2 years ago) |
| Latest Published: | 2024-05-30 23:01:11 (2 years ago) |
| Status: | Trojan.Generic (on last analysis) |
| Analysis Date: | 2024-05-30 23:01:11 (2 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Common Places:
| %temp%\{39fd8e2e-d766-3b91-dbda-520866d7913b} |
| %system%\driverstore\temp\{6c1eb7e8-0ed8-0546-bc49-d101bb655370} |
ThreatInfo has observed atikmdag.sys in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.
Geographic signal
Observed country distribution
ThreatInfo has seen atikmdag.sys in 1 country. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is Argentina with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for atikmdag.sys is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
atikmdag.sys is identified as a PE file for 64-bit systems. The subsystem is Native. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as Trojan.Generic
This report identifies atikmdag.sys by MD5 71e9e3cdd83c723650fb9d2e4a3e468f. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.