Payload Details
| First Seen | 2026-02-23 (Login for timestamps) |
|---|---|
| Last Seen | 2026-02-24 |
| SHA256 | 91fe640881d22c7dd821cdc76aa92e21766bdf05fb227bd55177acf9c5b87114 |
| Filetype | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| Size | 443,392 bytes |
| Distributed By | Vidar (Login) |
| Countries |  Login for country information |
| UnpacMe ID | 0e42ac7b-b624-440a-ab78-0fce4cadee2b |
| UnpacMe Detections | MALWARE:AmadeyTYPE:DOWNLOADERRULE:AmadeyCONFIG:Amadey |
| UnpacMe Community | RULE:win_amadey_auto |
| Sandbox Detections | AmadeyGCleaner |
| Malcat Kesakode | One of the process dumps is 35% similar to GCleanerGCleaner 35% |
| Download |
Monitored Sandbox Execution
Login required
Non-Monitored Sandbox Execution
Login required
Tasks of Origin (48)
First Seen (UTC)  |
Last Seen (UTC) |
Family | Botnet | Exit | Task Data | View |
|---|---|---|---|---|---|---|
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | |