Payload Details
| First Seen | 2026-02-24 (Login for timestamps) |
|---|---|
| Last Seen | 2026-03-03 |
| SHA256 | 9450c8f5fb17a1faf510d3ed6ce78430b103ce4e54474e5f50a53c5cf9b414d3 |
| Filetype | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| Size | 443,904 bytes |
| Distributed By | Vidar (Login) |
| Countries |  Login for country information |
| UnpacMe ID | 8f164f57-c269-4a71-a05d-9f72aaa20b38 |
| UnpacMe Detections | MALWARE:AmadeyTYPE:DOWNLOADERRULE:AmadeyCONFIG:Amadey |
| UnpacMe Community | RULE:win_amadey_auto |
| Sandbox Detections | AmadeyGCleaner |
| Malcat Kesakode | One of the process dumps is 35% similar to GCleanerGCleaner 35% |
| Download |
Monitored Sandbox Execution
Login required
Non-Monitored Sandbox Execution
Login required
Tasks of Origin (60)
First Seen (UTC)  |
Last Seen (UTC) |
Family | Botnet | Exit | Task Data | View |
|---|---|---|---|---|---|---|
| 2026-03-02 | 2026-03-04 | vidar | Login | | ||
| 2026-03-01 | 2026-03-04 | vidar | Login | | ||
| 2026-03-01 | 2026-03-04 | vidar | Login | | ||
| 2026-03-01 | 2026-03-04 | vidar | Login | | ||
| 2026-03-01 | 2026-03-04 | vidar | Login | | ||
| 2026-03-01 | 2026-03-04 | vidar | Login | | ||
| 2026-02-28 | 2026-03-06 | vidar | Login | | ||
| 2026-02-27 | 2026-03-06 | vidar | Login | | ||
| 2026-02-27 | 2026-03-06 | vidar | Login | | ||
| 2026-02-27 | 2026-03-06 | vidar | Login | | ||
| 2026-02-27 | 2026-03-06 | vidar | Login | | ||
| 2026-02-27 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-21 | 2026-03-06 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-06 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-04 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-02-03 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | | ||
| 2026-01-31 | 2026-02-26 | vidar | Login | |