| Name / Title | Added | Expires | Hits | Comments | Syntax | |
|---|---|---|---|---|---|---|
| Candidates | Apr 23rd, 2023 | Never | 1 | 0 | None | - |
| Properties | Feb 7th, 2023 | Never | 10 | 0 | None | - |
| Mal Italian Macro | Dec 9th, 2021 | Never | 659 | 0 | None | - |
| Abuse MalwareBazaar - Dridex - Payload URLs | Nov 24th, 2021 | Never | 1,184 | 0 | None | - |
| Abuse MalwareBazaar - Dridex - URLs | Nov 24th, 2021 | Never | 983 | 0 | None | - |
| paypal phishing email | Feb 7th, 2021 | Never | 636 | 0 | None | - |
| interesting mal XLM | Jan 28th, 2021 | Never | 1,667 | 0 | None | - |
| zloader deobfuscated macro | Jan 26th, 2021 | Never | 632 | 0 | None | - |
| Mal XLM Macro | Jan 22nd, 2021 | Never | 810 | 0 | None | - |
| Extracted XLM Macro in Italian | Jan 19th, 2021 | Never | 727 | 0 | None | - |
| top zone file | Dec 23rd, 2020 | Never | 526 | 0 | None | - |
| PhishCanary - Output | Dec 23rd, 2020 | Never | 1,755 | 0 | None | - |
| Homoglyphs for Brand Names | Dec 22nd, 2020 | Never | 1,137 | 0 | None | - |
| XLM Malware | Dec 16th, 2020 | Never | 834 | 0 | None | - |
| Malware - XLM | Dec 11th, 2020 | Never | 558 | 0 | None | - |
| XLSB sample - XLMDeobfuscator output | Nov 29th, 2020 | Never | 505 | 0 | None | - |
| XLSB - Result | Oct 18th, 2020 | Never | 884 | 0 | None | - |
| Error - Olevba | Oct 5th, 2020 | Never | 593 | 0 | None | - |
| Sample - XLM - Bug Fixing | Aug 16th, 2020 | Never | 508 | 0 | None | - |
| Zloader (7dd5eabb0946fd1d11a77ad82143afe2) deobfuscated XLM | Jun 22nd, 2020 | Never | 709 | 0 | None | - |
| xlmdeobfuscator - zloader - json - dump files | Jun 21st, 2020 | Never | 1,414 | 0 | None | - |
| Zloader - new 2 | Jun 21st, 2020 | Never | 517 | 0 | None | - |
| ZLOADER - new | Jun 21st, 2020 | Never | 1,318 | 0 | None | - |
| example - michael | Jun 6th, 2020 | Never | 708 | 0 | None | - |
| ExcelNtDonut - Deobfuscation | May 27th, 2020 | Never | 1,597 | 0 | None | - |
| example - deobfuscated | May 26th, 2020 | Never | 537 | 0 | None | - |
| example - obfuscated | May 26th, 2020 | Never | 544 | 0 | None | - |
| Deobfuscate XLS by automatically guessing the DAY(NOW()) | May 26th, 2020 | Never | 490 | 0 | None | - |
| 323455169b75e4a753eb5ad34290243ede09f9d559545aac6e6a71c2719b | May 26th, 2020 | Never | 485 | 0 | None | - |
| Macro - loop2 | May 25th, 2020 | Never | 517 | 0 | None | - |
| Macro - loop | May 25th, 2020 | Never | 473 | 0 | None | - |
| sample - macro | May 24th, 2020 | Never | 472 | 0 | None | - |
| extracted macro | May 23rd, 2020 | Never | 835 | 0 | None | - |
| Work in progress | May 22nd, 2020 | Never | 561 | 0 | None | - |
| Extracted Macro | May 22nd, 2020 | Never | 641 | 0 | None | - |
| Extracted Macro | May 22nd, 2020 | Never | 506 | 0 | None | - |
| Binary - PTGS | May 20th, 2020 | Never | 483 | 0 | None | - |
| XLMMacroDeobfuscator - JSON output | May 20th, 2020 | Never | 2,914 | 0 | None | - |
| ZLOADER XLM Macro - deobfuscated | May 20th, 2020 | Never | 750 | 0 | None | - |
| Deobfuscation of ZLOADER XLM macro | May 20th, 2020 | Never | 685 | 0 | None | - |
| Deobfuscation of ZLOADER XLM - MID | May 20th, 2020 | Never | 504 | 0 | None | - |
| XLM deobfuscation - MID function | May 20th, 2020 | Never | 893 | 0 | None | - |
| GOZI - XLSM macro | May 19th, 2020 | Never | 706 | 0 | None | - |
| Zloader - a12b2ef9fe9c7be93533235d83af9b076446b0fb25e3fe16e0 | May 16th, 2020 | Never | 936 | 0 | None | - |
| Zloader - 8a6e4c10c30b773147d0d7c8307d88f1cf242cb01a9747bfec | May 16th, 2020 | Never | 1,041 | 0 | None | - |
| Zloader - Invoice-4063.xls | May 16th, 2020 | Never | 447 | 0 | None | - |
| Zloader - Deobfuscated Macro | May 16th, 2020 | Never | 470 | 0 | None | - |
| XLMMacroDeobfuscator output | May 4th, 2020 | Never | 754 | 0 | None | - |
| Yara rule - xlsb_with_xlm_macro | Apr 23rd, 2020 | Never | 1,068 | 0 | None | - |
| XLMMacroDeobfuscator output | Apr 16th, 2020 | Never | 549 | 0 | None | - |
| OLVBA - XLSM + XLM macro | Apr 15th, 2020 | Never | 554 | 0 | None | - |
| Yara rule - xlsm_with_xlm_macro | Apr 15th, 2020 | Never | 1,324 | 0 | None | - |
| Macro - Sample Parse Tree | Apr 9th, 2020 | Never | 708 | 0 | None | - |
| Zloader - Deobfuscated Macro | Apr 8th, 2020 | Never | 1,182 | 0 | None | - |
| Yara rule - macro_sheet_zloader | Apr 7th, 2020 | Never | 2,117 | 0 | None | - |
| NPP - tip1 - text | Mar 28th, 2020 | Never | 742 | 0 | None | - |
| Potentially Malicious LUA Script | Dec 18th, 2019 | Never | 717 | 0 | Lua | - |
| Extracted Shellcode | Oct 27th, 2019 | Never | 727 | 0 | None | - |
| Sample Internet Shortcut | Sep 26th, 2019 | Never | 649 | 0 | None | - |
| Mal JavaScript | Sep 8th, 2019 | Never | 914 | 0 | JavaScript | - |
| Malicious PowerShell (Excerpt) | Aug 2nd, 2019 | Never | 912 | 0 | PowerShell | - |
| Malicious PowerShell | Aug 2nd, 2019 | Never | 1,270 | 0 | PowerShell | - |
| Malicious HTA | Jun 28th, 2019 | Never | 1,987 | 0 | JavaScript | - |
| Mal Powershell cmd | Jun 16th, 2019 | Never | 910 | 0 | Batch | - |
| Malicious PowerShell | May 1st, 2019 | Never | 1,383 | 0 | PowerShell | - |
| Malicious HTA (multi-stage) | Apr 12th, 2019 | Never | 975 | 0 | HTML | - |
| Mal Powershell | Mar 7th, 2019 | Never | 1,786 | 0 | PowerShell | - |
| Mal PowerShell Code extracted from Image | Mar 7th, 2019 | Never | 925 | 0 | PowerShell | - |
| Mal Powershell - Stage 9 | Mar 7th, 2019 | Never | 811 | 0 | PowerShell | - |
| Mal Powershel - After unwrapping 8-layer obfuscation | Mar 7th, 2019 | Never | 972 | 0 | PowerShell | - |
| Variable N | Mar 3rd, 2019 | Never | 562 | 0 | Batch | - |
| Malicious VBA | Mar 3rd, 2019 | Never | 701 | 0 | VBScript | - |
| Malicious PowerShell | Mar 3rd, 2019 | Never | 1,163 | 0 | PowerShell | - |
| Mal PowerShell after 36 round decoding | Mar 3rd, 2019 | Never | 717 | 0 | PowerShell | - |
| Decoded Malicious PowerShell (Stage 5) | Mar 3rd, 2019 | Never | 1,081 | 0 | PowerShell | - |
| Obfuscated Malicious PowerShell (Stage 4) | Mar 3rd, 2019 | Never | 689 | 0 | PowerShell | - |
| Decoded Malicious PowerShell | Mar 3rd, 2019 | Never | 923 | 0 | PowerShell | - |
| Emotet - VBA | Feb 28th, 2019 | Never | 1,062 | 0 | VBScript | - |
| Mal PDF | Feb 28th, 2019 | Never | 4,301 | 0 | PostScript | - |
| Emotet latest Docs | Jan 25th, 2019 | Never | 1,106 | 0 | None | - |
| Obfuscated Malicious PowerShell | Jan 7th, 2019 | Never | 2,662 | 0 | PowerShell | - |
| Malicious Javascript | Dec 25th, 2018 | Never | 752 | 0 | JavaScript | - |
| Malicious Powershell | Dec 18th, 2018 | Never | 1,320 | 0 | PowerShell | - |
| Malicious VBScript | Dec 10th, 2018 | Never | 915 | 0 | VBScript | - |
| Obfuscated malicious bat | Dec 7th, 2018 | Never | 679 | 0 | Batch | - |
| Decoding Encoded base64 string using MSIL | Nov 21st, 2018 | Never | 936 | 0 | PowerShell | - |
| Mal Batch file | Nov 20th, 2018 | Never | 924 | 0 | Batch | - |
| Malicious Bash Script | Nov 5th, 2018 | Never | 651 | 0 | Bash | - |
