Loader
Amadey Bot
First seen: 2018-10 • Status: active
Currently Active Threat
Amadey is a cheap malware delivery service. It infects computers and then downloads other viruses, including ransomware.
Overview
Amadey is a simple but effective loader and information stealer sold on Russian forums. It is used to deploy other malware including ransomware.
Also Known As
Amadey
How It Spreads
- • Malspam
- • Exploit kits
- • Cracked software
What It Does
- • Downloads additional malware
- • Steals system info
- • Takes screenshots
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for Amadey C2 patterns
- • Watch for downloader behavior
MITRE ATT&CK Techniques
T1105, T1082, T1113
If You're Infected
- 1.
Full malware scan
- 2.
Check for additional malware
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required