HIGHLY_SUSPICIOUS (1) campaign cataloged at 2025-05-24(2).

1. Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2025-05-EmbedUtils

Package contains methods to upload messages and files to a hardcoded Slack channels. This is usually used in infostealers; however, this package does not contain any malicious code and there is no known usage of it

Abuse categories

exfiltration_generic

Campaign uses exfiltration_generic.

Packages in the campaign

campaign:2025-05-EmbedUtils

• embedutils