MALICIOUS (1) campaign cataloged at 2025-07-17(2).
- The campaign has clearly malicious intent, like infostealers.
- This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.
2025-07-avatar-handler¶
Code pretending to handling downloading an image, but in fact is prepared to download and execute a Powershell script image properties. No known usage
Abuse categories¶
obfuscation
Campaign uses obfuscation.
remote_script
Downloads and executes a remote malicious script.