Indicators of compromise
Search IOCs
CSV55 IOCs from URLhaus, MalwareBazaar, Feodo Tracker, abuse.ch SSL, AlienVault OTX, ThreatFox. Cross-source.
| Type | Value | Family / threat | Tags | Source | Last seen | Linked CVEs |
|---|---|---|---|---|---|---|
| domain | spasopro.at | Amadey | Amadey, ViriBack | threatfox | 6 m ago | |
| ipv4 | 89.124.78.101 | Amadey | Amadey, ViriBack | threatfox | 6 m ago | |
| url | http://91.92.242.236/oPvjr94jfe/index.php | Amadey | 54e64e, amadey, c2 | threatfox | 7 m ago | |
| url | http://196.251.107.248/kont2rt/index.php | Amadey | Amadey | threatfox | 10 m ago | |
| url | http://196.251.107.104/Psd8eZaW/index.php | Amadey | 282234, amadey, c2 | threatfox | 12 m ago | |
| url | http://196.251.107.104/amadey_x64.zip | malware_download | 282234, dropped-by-amadey, Stealc | urlhaus | 3 h ago | |
| url | http://196.251.107.104/Amadey.exe | malware_download | Amadey, exe | urlhaus | 4 h ago | |
| md5 | 347187dc7824a887b8f6a3272b3baf12 | Amadey | Amadey | malwarebazaar | 15 h ago | |
| sha256 | 49999f257686cfba6fe9504ff99a7776f998e3ba4887d28d2957f040ac346306 | Amadey | Amadey | malwarebazaar | 15 h ago | |
| sha1 | 1d3a5e780488095d6174bcdc49ee16c0ea802a6a | Amadey | Amadey | malwarebazaar | 15 h ago | |
| md5 | 29349fa22c5a69236b9429e7751d646d | Amadey | Amadey | malwarebazaar | 17 h ago | |
| sha256 | e0d01ef897fc50b5c3dc3a613d48a4c32c4cf6d973628773336d23c26181f3bd | Amadey | Amadey | malwarebazaar | 17 h ago | |
| sha1 | f84fbbd984d09303fef818628a5a057e14338628 | Amadey | Amadey | malwarebazaar | 17 h ago | |
| md5 | 76a9107cac9d97ef0919fff8f288fd1b | Amadey | Amadey | malwarebazaar | 17 h ago | |
| sha256 | 8fe1fed51558e70a559f372b3e27b43ff70d6375b0161a8efa966b2188937721 | Amadey | Amadey | malwarebazaar | 17 h ago | |
| sha1 | 136f7853b7382e0b0fafaee4b694ef0fa42fdb42 | Amadey | Amadey | malwarebazaar | 17 h ago | |
| sha1 | 5c8c62e7bf1eee0de6d2d3e9d7caca535896ba92 | Amadey | Amadey | malwarebazaar | 19 h ago | |
| sha256 | d13d3de76a86ab875c2acd0d28c866928c842b206d1f83eb3cc5886811fd24d2 | Amadey | Amadey | malwarebazaar | 19 h ago | |
| md5 | 9c04ee265a82db4ce7a4cde4d89d0055 | Amadey | Amadey | malwarebazaar | 19 h ago | |
| url | http://spasopro.at/Lsge63sd3/index.php | Amadey | amadey, c2, e7b4fe | threatfox | 20 h ago | |
| sha256 | 920039788b3a1620bbafc5b02d10827ce68ec4bb6f9088014f76c8eecb01875d | Amadey | Amadey | malwarebazaar | 1 d ago | |
| sha1 | ed9f61a9809bcb75005081ccebc99918cc755659 | Amadey | Amadey | malwarebazaar | 1 d ago | |
| md5 | ea09896ab82a8dce13e4fec8c0210b94 | Amadey | Amadey | malwarebazaar | 1 d ago | |
| md5 | 8be3cd07b71a42de138232531975935f | Amadey | Amadey | malwarebazaar | 1 d ago | |
| sha256 | fbb697f6ff25ac3ea01c7536945ec053406f2fdd30e802350a2c28fcb19672dd | Amadey | Amadey | malwarebazaar | 1 d ago | |
| sha1 | 9d42bfd6862989d796ceb7512ef33bebe6706fba | Amadey | Amadey | malwarebazaar | 1 d ago | |
| md5 | 91a5057b48034273c0803de1edba9510 | Amadey | Amadey | malwarebazaar | 2 d ago | |
| sha256 | 8e92cbdcccdfe7baac62ed1ecc0f2d9463b6482dd455daef5bb5778367ef4d73 | Amadey | Amadey | malwarebazaar | 2 d ago | |
| sha1 | b2ec9df866e8f06dfec423888cb1a8b4b364c175 | Amadey | Amadey | malwarebazaar | 2 d ago | |
| sha256 | de05caadc10e95569a6f423f26000a6b2488e3f64f90bf15d7ea88ba45087ec0 | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha1 | 48b9c278d131df429c1aed74d7a4f20c372712e6 | Amadey | Amadey | malwarebazaar | 3 d ago | |
| md5 | 851002f48a6dd00c41532bcc749bfd6a | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha1 | 39d55bcf3021713608c9d0f49c8c56342fa090ba | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha256 | b9a5bc4338429ec3b3101caf3ec2669824d9e13dd3705dc975449baa77344e45 | Amadey | Amadey | malwarebazaar | 3 d ago | |
| md5 | 17bb2de6c19221471200c83d4d96b1fe | Amadey | Amadey | malwarebazaar | 3 d ago | |
| md5 | 55917203db6ac7ee08c16fa9979c929a | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha256 | 87a65052c58c9bfc1b5bcf28248d5af381069c926b7d2ccfea1d7239278885d3 | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha1 | 4b70ff661ca0ac13fbc279a0836fde1a417150ca | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha1 | 91b8aeadc7a3c6526897ea430622cd4af32b9322 | Amadey | Amadey | malwarebazaar | 3 d ago | |
| sha256 | ddc9c0cb55dc2a75b46a07ae1bd26d2aed8d3982ab039f4e9dbeab67721aff8a | Amadey | Amadey | malwarebazaar | 3 d ago | |
| md5 | 95a083049831608cc89df71343b64cea | Amadey | Amadey | malwarebazaar | 3 d ago | |
| domain | adeyqa.net | Amadey | Amadey, ViriBack | threatfox | 7 d ago | |
| domain | shohetrc.com | Amadey | Amadey, ViriBack | threatfox | 7 d ago | |
| domain | windowsedgeupdater.com | Amadey | Amadey, ViriBack | threatfox | 7 d ago | |
| domain | blindbut.icu | Amadey | Amadey, ViriBack | threatfox | 7 d ago | |
| domain | feralhendown.xyz | Amadey | amadey, currentandold, triage | threatfox | 7 d ago | |
| sha1 | ec0a12e5b6387c7654664a17abe53d349c5b9aef | Amadey | Amadey | malwarebazaar | 7 d ago | |
| md5 | 2e0d25087de57454f6e4d6cff2be73c9 | Amadey | Amadey | malwarebazaar | 7 d ago | |
| sha256 | 368ce35222791d00f2bdeacb1206b7f54898f5f847d290a85c7cffde8c8f0d2e | Amadey | Amadey | malwarebazaar | 7 d ago | |
| sha1 | 1b03062bcdd09c6574e559203ac8d9f2be429362 | Amadey | Amadey C&C | abusessl | 2025-07-26 | |
| sha1 | 254bc5d53a278a16be68a29e60e15f1dcd17bc0a | Amadey | Amadey C&C | abusessl | 2025-07-16 | |
| sha1 | 559d479e8bffbc205c0f7a1cbcdb9c3c189f3851 | Amadey | Amadey C&C | abusessl | 2025-06-05 | |
| sha1 | 1d3a5e780488095d6174bcdc49ee16c0ea802a6a | Amadey | threatfox | — | ||
| sha256 | 49999f257686cfba6fe9504ff99a7776f998e3ba4887d28d2957f040ac346306 | Amadey | threatfox | — | ||
| md5 | 347187dc7824a887b8f6a3272b3baf12 | Amadey | threatfox | — |