| Name / Title | Added | Expires | Hits | Comments | Syntax | |
|---|---|---|---|---|---|---|
| Candidates | Apr 23rd, 2023 | Never | 1 | 0 | None | - |
| Properties | Feb 7th, 2023 | Never | 10 | 0 | None | - |
| Mal Italian Macro | Dec 9th, 2021 | Never | 650 | 0 | None | - |
| Abuse MalwareBazaar - Dridex - Payload URLs | Nov 24th, 2021 | Never | 1,160 | 0 | None | - |
| Abuse MalwareBazaar - Dridex - URLs | Nov 24th, 2021 | Never | 960 | 0 | None | - |
| paypal phishing email | Feb 7th, 2021 | Never | 622 | 0 | None | - |
| interesting mal XLM | Jan 28th, 2021 | Never | 1,639 | 0 | None | - |
| zloader deobfuscated macro | Jan 26th, 2021 | Never | 623 | 0 | None | - |
| Mal XLM Macro | Jan 22nd, 2021 | Never | 798 | 0 | None | - |
| Extracted XLM Macro in Italian | Jan 19th, 2021 | Never | 702 | 0 | None | - |
| top zone file | Dec 23rd, 2020 | Never | 511 | 0 | None | - |
| PhishCanary - Output | Dec 23rd, 2020 | Never | 1,712 | 0 | None | - |
| Homoglyphs for Brand Names | Dec 22nd, 2020 | Never | 1,125 | 0 | None | - |
| XLM Malware | Dec 16th, 2020 | Never | 796 | 0 | None | - |
| Malware - XLM | Dec 11th, 2020 | Never | 544 | 0 | None | - |
| XLSB sample - XLMDeobfuscator output | Nov 29th, 2020 | Never | 499 | 0 | None | - |
| XLSB - Result | Oct 18th, 2020 | Never | 867 | 0 | None | - |
| Error - Olevba | Oct 5th, 2020 | Never | 578 | 0 | None | - |
| Sample - XLM - Bug Fixing | Aug 16th, 2020 | Never | 496 | 0 | None | - |
| Zloader (7dd5eabb0946fd1d11a77ad82143afe2) deobfuscated XLM | Jun 22nd, 2020 | Never | 695 | 0 | None | - |
| xlmdeobfuscator - zloader - json - dump files | Jun 21st, 2020 | Never | 1,401 | 0 | None | - |
| Zloader - new 2 | Jun 21st, 2020 | Never | 502 | 0 | None | - |
| ZLOADER - new | Jun 21st, 2020 | Never | 1,297 | 0 | None | - |
| example - michael | Jun 6th, 2020 | Never | 697 | 0 | None | - |
| ExcelNtDonut - Deobfuscation | May 27th, 2020 | Never | 1,581 | 0 | None | - |
| example - deobfuscated | May 26th, 2020 | Never | 523 | 0 | None | - |
| example - obfuscated | May 26th, 2020 | Never | 532 | 0 | None | - |
| Deobfuscate XLS by automatically guessing the DAY(NOW()) | May 26th, 2020 | Never | 481 | 0 | None | - |
| 323455169b75e4a753eb5ad34290243ede09f9d559545aac6e6a71c2719b | May 26th, 2020 | Never | 464 | 0 | None | - |
| Macro - loop2 | May 25th, 2020 | Never | 506 | 0 | None | - |
| Macro - loop | May 25th, 2020 | Never | 460 | 0 | None | - |
| sample - macro | May 24th, 2020 | Never | 459 | 0 | None | - |
| extracted macro | May 23rd, 2020 | Never | 821 | 0 | None | - |
| Work in progress | May 22nd, 2020 | Never | 543 | 0 | None | - |
| Extracted Macro | May 22nd, 2020 | Never | 622 | 0 | None | - |
| Extracted Macro | May 22nd, 2020 | Never | 489 | 0 | None | - |
| Binary - PTGS | May 20th, 2020 | Never | 466 | 0 | None | - |
| XLMMacroDeobfuscator - JSON output | May 20th, 2020 | Never | 2,888 | 0 | None | - |
| ZLOADER XLM Macro - deobfuscated | May 20th, 2020 | Never | 734 | 0 | None | - |
| Deobfuscation of ZLOADER XLM macro | May 20th, 2020 | Never | 673 | 0 | None | - |
| Deobfuscation of ZLOADER XLM - MID | May 20th, 2020 | Never | 494 | 0 | None | - |
| XLM deobfuscation - MID function | May 20th, 2020 | Never | 873 | 0 | None | - |
| GOZI - XLSM macro | May 19th, 2020 | Never | 698 | 0 | None | - |
| Zloader - a12b2ef9fe9c7be93533235d83af9b076446b0fb25e3fe16e0 | May 16th, 2020 | Never | 923 | 0 | None | - |
| Zloader - 8a6e4c10c30b773147d0d7c8307d88f1cf242cb01a9747bfec | May 16th, 2020 | Never | 1,027 | 0 | None | - |
| Zloader - Invoice-4063.xls | May 16th, 2020 | Never | 438 | 0 | None | - |
| Zloader - Deobfuscated Macro | May 16th, 2020 | Never | 464 | 0 | None | - |
| XLMMacroDeobfuscator output | May 4th, 2020 | Never | 737 | 0 | None | - |
| Yara rule - xlsb_with_xlm_macro | Apr 23rd, 2020 | Never | 1,056 | 0 | None | - |
| XLMMacroDeobfuscator output | Apr 16th, 2020 | Never | 537 | 0 | None | - |
| OLVBA - XLSM + XLM macro | Apr 15th, 2020 | Never | 539 | 0 | None | - |
| Yara rule - xlsm_with_xlm_macro | Apr 15th, 2020 | Never | 1,301 | 0 | None | - |
| Macro - Sample Parse Tree | Apr 9th, 2020 | Never | 697 | 0 | None | - |
| Zloader - Deobfuscated Macro | Apr 8th, 2020 | Never | 1,169 | 0 | None | - |
| Yara rule - macro_sheet_zloader | Apr 7th, 2020 | Never | 2,087 | 0 | None | - |
| NPP - tip1 - text | Mar 28th, 2020 | Never | 730 | 0 | None | - |
| Potentially Malicious LUA Script | Dec 18th, 2019 | Never | 703 | 0 | Lua | - |
| Extracted Shellcode | Oct 27th, 2019 | Never | 708 | 0 | None | - |
| Sample Internet Shortcut | Sep 26th, 2019 | Never | 634 | 0 | None | - |
| Mal JavaScript | Sep 8th, 2019 | Never | 906 | 0 | JavaScript | - |
| Malicious PowerShell (Excerpt) | Aug 2nd, 2019 | Never | 897 | 0 | PowerShell | - |
| Malicious PowerShell | Aug 2nd, 2019 | Never | 1,251 | 0 | PowerShell | - |
| Malicious HTA | Jun 28th, 2019 | Never | 1,974 | 0 | JavaScript | - |
| Mal Powershell cmd | Jun 16th, 2019 | Never | 899 | 0 | Batch | - |
| Malicious PowerShell | May 1st, 2019 | Never | 1,365 | 0 | PowerShell | - |
| Malicious HTA (multi-stage) | Apr 12th, 2019 | Never | 965 | 0 | HTML | - |
| Mal Powershell | Mar 7th, 2019 | Never | 1,772 | 0 | PowerShell | - |
| Mal PowerShell Code extracted from Image | Mar 7th, 2019 | Never | 909 | 0 | PowerShell | - |
| Mal Powershell - Stage 9 | Mar 7th, 2019 | Never | 792 | 0 | PowerShell | - |
| Mal Powershel - After unwrapping 8-layer obfuscation | Mar 7th, 2019 | Never | 961 | 0 | PowerShell | - |
| Variable N | Mar 3rd, 2019 | Never | 552 | 0 | Batch | - |
| Malicious VBA | Mar 3rd, 2019 | Never | 689 | 0 | VBScript | - |
| Malicious PowerShell | Mar 3rd, 2019 | Never | 1,150 | 0 | PowerShell | - |
| Mal PowerShell after 36 round decoding | Mar 3rd, 2019 | Never | 703 | 0 | PowerShell | - |
| Decoded Malicious PowerShell (Stage 5) | Mar 3rd, 2019 | Never | 1,062 | 0 | PowerShell | - |
| Obfuscated Malicious PowerShell (Stage 4) | Mar 3rd, 2019 | Never | 680 | 0 | PowerShell | - |
| Decoded Malicious PowerShell | Mar 3rd, 2019 | Never | 915 | 0 | PowerShell | - |
| Emotet - VBA | Feb 28th, 2019 | Never | 1,049 | 0 | VBScript | - |
| Mal PDF | Feb 28th, 2019 | Never | 4,222 | 0 | PostScript | - |
| Emotet latest Docs | Jan 25th, 2019 | Never | 1,093 | 0 | None | - |
| Obfuscated Malicious PowerShell | Jan 7th, 2019 | Never | 2,646 | 0 | PowerShell | - |
| Malicious Javascript | Dec 25th, 2018 | Never | 743 | 0 | JavaScript | - |
| Malicious Powershell | Dec 18th, 2018 | Never | 1,268 | 0 | PowerShell | - |
| Malicious VBScript | Dec 10th, 2018 | Never | 886 | 0 | VBScript | - |
| Obfuscated malicious bat | Dec 7th, 2018 | Never | 664 | 0 | Batch | - |
| Decoding Encoded base64 string using MSIL | Nov 21st, 2018 | Never | 920 | 0 | PowerShell | - |
| Mal Batch file | Nov 20th, 2018 | Never | 910 | 0 | Batch | - |
| Malicious Bash Script | Nov 5th, 2018 | Never | 638 | 0 | Bash | - |
