$ analyze-threat Trojan:Win64/MaskGramStealer.AMK!MTB
Trojan:Win64/MaskGramStealer.AMK!MTB - Windows Defender threat signature analysis

$ cat analysis.txt
=== THREAT ANALYSIS REPORT ===
Threat Name: Trojan:Win64/MaskGramStealer.AMK!MTB
Classification:
  Type: Trojan
  Platform: Win64
  Family: MaskGramStealer
  Detection Type: Concrete (known malware family with identified signatures)
  Variant: AMK (specific signature variant within the malware family)
  Suffix: !MTB (detected via machine learning and behavioral analysis)
  Detection Method: Behavioral
  Confidence: Very High
  False-Positive Risk: Low

Concrete signature match: Trojan (appears legitimate but performs malicious actions) for the 64-bit Windows platform, family MaskGramStealer.

Summary:

Trojan:Win64/MaskGramStealer.AMK!MTB is a high-confidence detection of a malicious program designed to covertly exfiltrate sensitive information from 64-bit Windows systems. This stealer variant is a concrete detection identified through machine learning and behavioral analysis, and is associated with stealing credentials or other valuable data.

Severity: High

VDM Static Detection:
No detailed analysis available from definition files.

Known malware associated with this threat:
  Filename: vipxic.exe
    Hash: 1a2bc78b38f8da6359eef364994dce02976dfdf162d1d4b7be0636c9f7d2ea31
    Date: 18/01/2026
  Filename: gjyae7yzjgtj.exe
    Hash: 2f6efb810bee11eb85bfa3edbdf9015d7d9cf08fc1e44c979a7e6bb21e100108
    Date: 18/01/2026

Remediation Steps:
Isolate the infected system immediately. Perform a full, updated scan with Windows Defender to quarantine or remove the threat. Change all critical credentials (e.g., social media, banking, email) that may have been present on the system, and ensure all software and operating systems are patched.
=== END REPORT ===
This analysis was last updated on 18/01/2026.