| Name / Title | Added | Expires | Hits | Comments | Syntax | |
|---|---|---|---|---|---|---|
| Candidates | Apr 23rd, 2023 | Never | 1 | 0 | None | - |
| Properties | Feb 7th, 2023 | Never | 10 | 0 | None | - |
| Mal Italian Macro | Dec 9th, 2021 | Never | 712 | 0 | None | - |
| Abuse MalwareBazaar - Dridex - Payload URLs | Nov 24th, 2021 | Never | 1,254 | 0 | None | - |
| Abuse MalwareBazaar - Dridex - URLs | Nov 24th, 2021 | Never | 1,058 | 0 | None | - |
| paypal phishing email | Feb 7th, 2021 | Never | 691 | 0 | None | - |
| interesting mal XLM | Jan 28th, 2021 | Never | 1,720 | 0 | None | - |
| zloader deobfuscated macro | Jan 26th, 2021 | Never | 678 | 0 | None | - |
| Mal XLM Macro | Jan 22nd, 2021 | Never | 866 | 0 | None | - |
| Extracted XLM Macro in Italian | Jan 19th, 2021 | Never | 788 | 0 | None | - |
| top zone file | Dec 23rd, 2020 | Never | 590 | 0 | None | - |
| PhishCanary - Output | Dec 23rd, 2020 | Never | 1,824 | 0 | None | - |
| Homoglyphs for Brand Names | Dec 22nd, 2020 | Never | 1,195 | 0 | None | - |
| XLM Malware | Dec 16th, 2020 | Never | 910 | 0 | None | - |
| Malware - XLM | Dec 11th, 2020 | Never | 603 | 0 | None | - |
| XLSB sample - XLMDeobfuscator output | Nov 29th, 2020 | Never | 558 | 0 | None | - |
| XLSB - Result | Oct 18th, 2020 | Never | 931 | 0 | None | - |
| Error - Olevba | Oct 5th, 2020 | Never | 636 | 0 | None | - |
| Sample - XLM - Bug Fixing | Aug 16th, 2020 | Never | 555 | 0 | None | - |
| Zloader (7dd5eabb0946fd1d11a77ad82143afe2) deobfuscated XLM | Jun 22nd, 2020 | Never | 761 | 0 | None | - |
| xlmdeobfuscator - zloader - json - dump files | Jun 21st, 2020 | Never | 1,477 | 0 | None | - |
| Zloader - new 2 | Jun 21st, 2020 | Never | 580 | 0 | None | - |
| ZLOADER - new | Jun 21st, 2020 | Never | 1,381 | 0 | None | - |
| example - michael | Jun 6th, 2020 | Never | 758 | 0 | None | - |
| ExcelNtDonut - Deobfuscation | May 27th, 2020 | Never | 1,683 | 0 | None | - |
| example - deobfuscated | May 26th, 2020 | Never | 579 | 0 | None | - |
| example - obfuscated | May 26th, 2020 | Never | 625 | 0 | None | - |
| Deobfuscate XLS by automatically guessing the DAY(NOW()) | May 26th, 2020 | Never | 527 | 0 | None | - |
| 323455169b75e4a753eb5ad34290243ede09f9d559545aac6e6a71c2719b | May 26th, 2020 | Never | 539 | 0 | None | - |
| Macro - loop2 | May 25th, 2020 | Never | 556 | 0 | None | - |
| Macro - loop | May 25th, 2020 | Never | 525 | 0 | None | - |
| sample - macro | May 24th, 2020 | Never | 513 | 0 | None | - |
| extracted macro | May 23rd, 2020 | Never | 879 | 0 | None | - |
| Work in progress | May 22nd, 2020 | Never | 609 | 0 | None | - |
| Extracted Macro | May 22nd, 2020 | Never | 692 | 0 | None | - |
| Extracted Macro | May 22nd, 2020 | Never | 561 | 0 | None | - |
| Binary - PTGS | May 20th, 2020 | Never | 526 | 0 | None | - |
| XLMMacroDeobfuscator - JSON output | May 20th, 2020 | Never | 3,028 | 0 | None | - |
| ZLOADER XLM Macro - deobfuscated | May 20th, 2020 | Never | 803 | 0 | None | - |
| Deobfuscation of ZLOADER XLM macro | May 20th, 2020 | Never | 725 | 0 | None | - |
| Deobfuscation of ZLOADER XLM - MID | May 20th, 2020 | Never | 547 | 0 | None | - |
| XLM deobfuscation - MID function | May 20th, 2020 | Never | 944 | 0 | None | - |
| GOZI - XLSM macro | May 19th, 2020 | Never | 766 | 0 | None | - |
| Zloader - a12b2ef9fe9c7be93533235d83af9b076446b0fb25e3fe16e0 | May 16th, 2020 | Never | 985 | 0 | None | - |
| Zloader - 8a6e4c10c30b773147d0d7c8307d88f1cf242cb01a9747bfec | May 16th, 2020 | Never | 1,096 | 0 | None | - |
| Zloader - Invoice-4063.xls | May 16th, 2020 | Never | 494 | 0 | None | - |
| Zloader - Deobfuscated Macro | May 16th, 2020 | Never | 519 | 0 | None | - |
| XLMMacroDeobfuscator output | May 4th, 2020 | Never | 802 | 0 | None | - |
| Yara rule - xlsb_with_xlm_macro | Apr 23rd, 2020 | Never | 1,123 | 0 | None | - |
| XLMMacroDeobfuscator output | Apr 16th, 2020 | Never | 598 | 0 | None | - |
| OLVBA - XLSM + XLM macro | Apr 15th, 2020 | Never | 609 | 0 | None | - |
| Yara rule - xlsm_with_xlm_macro | Apr 15th, 2020 | Never | 1,380 | 0 | None | - |
| Macro - Sample Parse Tree | Apr 9th, 2020 | Never | 765 | 0 | None | - |
| Zloader - Deobfuscated Macro | Apr 8th, 2020 | Never | 1,227 | 0 | None | - |
| Yara rule - macro_sheet_zloader | Apr 7th, 2020 | Never | 2,285 | 0 | None | - |
| NPP - tip1 - text | Mar 28th, 2020 | Never | 786 | 0 | None | - |
| Potentially Malicious LUA Script | Dec 18th, 2019 | Never | 788 | 0 | Lua | - |
| Extracted Shellcode | Oct 27th, 2019 | Never | 778 | 0 | None | - |
| Sample Internet Shortcut | Sep 26th, 2019 | Never | 689 | 0 | None | - |
| Mal JavaScript | Sep 8th, 2019 | Never | 959 | 0 | JavaScript | - |
| Malicious PowerShell (Excerpt) | Aug 2nd, 2019 | Never | 962 | 0 | PowerShell | - |
| Malicious PowerShell | Aug 2nd, 2019 | Never | 1,399 | 0 | PowerShell | - |
| Malicious HTA | Jun 28th, 2019 | Never | 2,028 | 0 | JavaScript | - |
| Mal Powershell cmd | Jun 16th, 2019 | Never | 961 | 0 | Batch | - |
| Malicious PowerShell | May 1st, 2019 | Never | 1,429 | 0 | PowerShell | - |
| Malicious HTA (multi-stage) | Apr 12th, 2019 | Never | 1,058 | 0 | HTML | - |
| Mal Powershell | Mar 7th, 2019 | Never | 1,861 | 0 | PowerShell | - |
| Mal PowerShell Code extracted from Image | Mar 7th, 2019 | Never | 984 | 0 | PowerShell | - |
| Mal Powershell - Stage 9 | Mar 7th, 2019 | Never | 873 | 0 | PowerShell | - |
| Mal Powershel - After unwrapping 8-layer obfuscation | Mar 7th, 2019 | Never | 1,028 | 0 | PowerShell | - |
| Variable N | Mar 3rd, 2019 | Never | 614 | 0 | Batch | - |
| Malicious VBA | Mar 3rd, 2019 | Never | 768 | 0 | VBScript | - |
| Malicious PowerShell | Mar 3rd, 2019 | Never | 1,216 | 0 | PowerShell | - |
| Mal PowerShell after 36 round decoding | Mar 3rd, 2019 | Never | 758 | 0 | PowerShell | - |
| Decoded Malicious PowerShell (Stage 5) | Mar 3rd, 2019 | Never | 1,139 | 0 | PowerShell | - |
| Obfuscated Malicious PowerShell (Stage 4) | Mar 3rd, 2019 | Never | 743 | 0 | PowerShell | - |
| Decoded Malicious PowerShell | Mar 3rd, 2019 | Never | 984 | 0 | PowerShell | - |
| Emotet - VBA | Feb 28th, 2019 | Never | 1,112 | 0 | VBScript | - |
| Mal PDF | Feb 28th, 2019 | Never | 4,374 | 0 | PostScript | - |
| Emotet latest Docs | Jan 25th, 2019 | Never | 1,171 | 0 | None | - |
| Obfuscated Malicious PowerShell | Jan 7th, 2019 | Never | 2,750 | 0 | PowerShell | - |
| Malicious Javascript | Dec 25th, 2018 | Never | 806 | 0 | JavaScript | - |
| Malicious Powershell | Dec 18th, 2018 | Never | 1,564 | 0 | PowerShell | - |
| Malicious VBScript | Dec 10th, 2018 | Never | 984 | 0 | VBScript | - |
| Obfuscated malicious bat | Dec 7th, 2018 | Never | 717 | 0 | Batch | - |
| Decoding Encoded base64 string using MSIL | Nov 21st, 2018 | Never | 994 | 0 | PowerShell | - |
| Mal Batch file | Nov 20th, 2018 | Never | 960 | 0 | Batch | - |
| Malicious Bash Script | Nov 5th, 2018 | Never | 699 | 0 | Bash | - |
