IOCs · Amadey · threatengine.sh

IOCs

Indicators for Amadey

25 indicators · scoped to malware families · back to Amadey

Live IOCs from URLhaus, ThreatFox, MalwareBazaar, and abuse.ch SSLBL for malware families this tool uses. All indicators are defanged for safe handling.

⚠

Indicators

25 of 25

url

hxxp://91.92.242.236/files-129312398/files/file_4c4781157c8c74ab.exe

family Amadey source urlhaus first seen 2026-06-02 10:46:07 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://91.92.242.236/files-129312398/files/file_eaacfdc24e3fe21d.exe

family Amadey source urlhaus first seen 2026-05-31 15:05:09 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://91.92.242.236/files-129312398/files/file_f63a4ae1cbc0bfa1.exe

family Amadey source urlhaus first seen 2026-05-30T19:39:41Z

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://176.65.144.60/Psd8eZaW/Plugins/cred.dll

family Amadey source urlhaus first seen 2026-04-14 13:23:07 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://176.65.144.60/Psd8eZaW/Plugins/cred64.dll

family Amadey source urlhaus first seen 2026-04-13 09:49:07 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxps://racing-shop-schuller.de/webRTC_driver_20260111_x64.exe

family Amadey source urlhaus first seen 2026-04-02 14:42:09 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://158.94.210.91/g8hrS4f4vh/Plugins/cred.dll

family Amadey source urlhaus first seen 2026-03-31 14:21:09 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://158.94.210.91/g8hrS4f4vh/Plugins/cred64.dll

family Amadey source urlhaus first seen 2026-03-31 14:21:09 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://158.94.208.7/files/unique2/random.exe

family Amadey source urlhaus first seen 2026-03-12 15:10:10 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxps://qpgroup.top/uploads/Coral_Setup.exe

family Amadey source urlhaus first seen 2026-03-09 15:44:14 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://158.94.211.222/amka/random.exe

family Amadey source urlhaus first seen 2026-03-07 18:00:08 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://158.94.211.222/vidar/random.exe

family Amadey source urlhaus first seen 2026-03-06 11:40:08 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxps://visualls.trueblog.sbs/Visual%20Studio.zip

family Amadey source urlhaus first seen 2026-03-01 14:28:10 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://62.60.226.159/bot.exe

family Amadey source urlhaus first seen 2026-02-24 22:13:06 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxp://62.60.226.159/NuclearBomb.exe

family Amadey source urlhaus first seen 2026-02-19 18:33:10 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

url

hxxps://github.com/hkakkkaa/gdsssdggsg/releases/download/fsdfsd/lol.exe

family Amadey source urlhaus first seen 2025-09-25 05:49:09 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

sslbl_sha1

1b03062bcdd09c6574e559203ac8d9f2be429362

family Amadey source sslbl first seen 2025-07-26 10:00:09

VirusTotal OTX

sslbl_sha1

254bc5d53a278a16be68a29e60e15f1dcd17bc0a

family Amadey source sslbl first seen 2025-07-16 02:45:31

VirusTotal OTX

sslbl_sha1

559d479e8bffbc205c0f7a1cbcdb9c3c189f3851

family Amadey source sslbl first seen 2025-06-05 15:17:50

VirusTotal OTX

url

hxxps://github.com/ustaxes/UsTaxes/files/15378217/All.2023.Tax.Documents.zip

family Amadey source urlhaus first seen 2024-05-21 20:32:14 UTC

VirusTotal urlscan OTX URLhaus Pulsedive

sha256

d2fc36eedc354152ab7bcb96436c54c45cdd8fda7212cdc1ddbe826f61acc457