Payload Details
| First Seen | 2026-03-03 (Login for timestamps) |
|---|---|
| Last Seen | 2026-03-08 |
| SHA256 | b1f0e9cacd5a27e0cdb5cb9cd259e62bfdfecdc96fee2a7a7a345cc97a7fc60d |
| Filetype | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
| Size | 444,928 bytes |
| Distributed By | Vidar (Login) |
| Countries |  Login for country information |
| UnpacMe ID | b35408d4-df70-45b9-a75b-ebbd8cba30ec |
| UnpacMe Detections | MALWARE:AmadeyTYPE:DOWNLOADERRULE:AmadeyCONFIG:Amadey |
| UnpacMe Community | RULE:win_amadey_auto |
| Sandbox DetectionsYara and Suricata matches | AmadeyVidarCoinMiner |
| Malcat Kesakode | One or more of the process dumps are 100% similar to VidarVidar 100%One or more of the process dumps are 100% similar to AmadeyAmadey 100% |
| Download |
Context Graph
Login to view data
Monitored Sandbox Execution
Login required
Non-Monitored Sandbox Execution
Login required
Tasks of Origin (0)
First Seen (UTC)  |
Last Seen (UTC) |
Family | Botnet | Exit | Task Data | View |
|---|