{ "type": "URL", "indicator": "https://shop.poleaddict.eu", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://shop.poleaddict.eu", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4075303733, "indicator": "https://shop.poleaddict.eu", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 1, "pulses": [ { "id": "6848c105e22453c2bec2258d", "name": "Ogrodnictwo - Baza Firm 2024.xls adorno.pl", "description": "Researchers at the University of California at Berkeley, in the United States, have published their findings on the subject of a security vulnerability in Microsoft's PowerShell operating system, also known as \"Chocolatey\".", "modified": "2025-07-28T08:00:49.288000", "created": "2025-06-10T23:34:29.281000", "tags": [ "vhash", "ssdeep", "inquest labs", "microsoft excel", "d0 cf", "e0 a1", "hiddenss", "statess", "hidden", "nocase", "sha256", "externalnet", "homenet", "mtu denial", "5762", "needed", "df bit", "reply", "policies", "insecure level", "registry type", "powershell", "powershell id", "script block", "logging", "windows", "getfreespace", "imageendswith", "example", "imagestartswith", "files", "sandbox author", "securityuserid", "windows upgrade", "k netsvcs", "defender", "update", "cache entry", "gzip chrome", "user", "woff chrome", "javascript c", "doscom c", "text c", "bmp c", "text chrome" ], "references": [ "MD5 da63ff099674eab612f7101116bddaa5", "https://virustotalcloud.firebaseapp.com/__/auth/handler?state=AMbdmDmB7R-mobcjqlNn5Tk3TSMlTTChMo-X0Gu7sho4DBhHzFXXT13BnjoMIZ2BiUB9IwoPL5YHSk3Ad2Hjsn7dL9LVBA89o2Xy4CjQj6siPR5s_G-pxcVnajQCDVEG7aXwBPaq8QmoPG5sRErBd_3iX0RDSzNL0_AU9_ldsWsakbA0LOLkIluupkaXhS72NREPpemuXBzy0pI7pvWidxXFtfFklcG_-fzn8KLDIO4BVRcktGFwWvQ2Oa46KE8oqkAynQoBDw-ssMd-fZwwNdPME_GWE9q4dvXE8cHt7rUcfStwp9XZ7_Jd82zJHsp-cFPguYZx-a0NGA&code=4%2F0AUJR-x6e6ebOwSRIdn1ETUESvDBcpCwDMA12A8aZtVcAffxzGkWb2YWoSX-_VtzNaYcw6w&scope=email+profile+https%3A%2F%2F", "d37481f608bdf78117b2f8819bcfd6744c3934b5c08c2ec8b8cbd36030a6fbd3 g_Faktury__FAKTURA_Bruttoppn.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 14, "FileHash-SHA1": 12, "FileHash-SHA256": 51, "URL": 239, "YARA": 1, "domain": 35, "hostname": 22, "CVE": 1 }, "indicator_count": 375, "is_author": false, "is_subscribing": null, "subscriber_count": 123, "modified_text": "307 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "MD5 da63ff099674eab612f7101116bddaa5", "https://virustotalcloud.firebaseapp.com/__/auth/handler?state=AMbdmDmB7R-mobcjqlNn5Tk3TSMlTTChMo-X0Gu7sho4DBhHzFXXT13BnjoMIZ2BiUB9IwoPL5YHSk3Ad2Hjsn7dL9LVBA89o2Xy4CjQj6siPR5s_G-pxcVnajQCDVEG7aXwBPaq8QmoPG5sRErBd_3iX0RDSzNL0_AU9_ldsWsakbA0LOLkIluupkaXhS72NREPpemuXBzy0pI7pvWidxXFtfFklcG_-fzn8KLDIO4BVRcktGFwWvQ2Oa46KE8oqkAynQoBDw-ssMd-fZwwNdPME_GWE9q4dvXE8cHt7rUcfStwp9XZ7_Jd82zJHsp-cFPguYZx-a0NGA&code=4%2F0AUJR-x6e6ebOwSRIdn1ETUESvDBcpCwDMA12A8aZtVcAffxzGkWb2YWoSX-_VtzNaYcw6w&scope=email+profile+https%3A%2F%2F", "d37481f608bdf78117b2f8819bcfd6744c3934b5c08c2ec8b8cbd36030a6fbd3 g_Faktury__FAKTURA_Bruttoppn.pdf" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 376 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/poleaddict.eu", "whois": "http://whois.domaintools.com/poleaddict.eu", "domain": "poleaddict.eu", "hostname": "shop.poleaddict.eu" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 1, "pulses": [ { "id": "6848c105e22453c2bec2258d", "name": "Ogrodnictwo - Baza Firm 2024.xls adorno.pl", "description": "Researchers at the University of California at Berkeley, in the United States, have published their findings on the subject of a security vulnerability in Microsoft's PowerShell operating system, also known as \"Chocolatey\".", "modified": "2025-07-28T08:00:49.288000", "created": "2025-06-10T23:34:29.281000", "tags": [ "vhash", "ssdeep", "inquest labs", "microsoft excel", "d0 cf", "e0 a1", "hiddenss", "statess", "hidden", "nocase", "sha256", "externalnet", "homenet", "mtu denial", "5762", "needed", "df bit", "reply", "policies", "insecure level", "registry type", "powershell", "powershell id", "script block", "logging", "windows", "getfreespace", "imageendswith", "example", "imagestartswith", "files", "sandbox author", "securityuserid", "windows upgrade", "k netsvcs", "defender", "update", "cache entry", "gzip chrome", "user", "woff chrome", "javascript c", "doscom c", "text c", "bmp c", "text chrome" ], "references": [ "MD5 da63ff099674eab612f7101116bddaa5", "https://virustotalcloud.firebaseapp.com/__/auth/handler?state=AMbdmDmB7R-mobcjqlNn5Tk3TSMlTTChMo-X0Gu7sho4DBhHzFXXT13BnjoMIZ2BiUB9IwoPL5YHSk3Ad2Hjsn7dL9LVBA89o2Xy4CjQj6siPR5s_G-pxcVnajQCDVEG7aXwBPaq8QmoPG5sRErBd_3iX0RDSzNL0_AU9_ldsWsakbA0LOLkIluupkaXhS72NREPpemuXBzy0pI7pvWidxXFtfFklcG_-fzn8KLDIO4BVRcktGFwWvQ2Oa46KE8oqkAynQoBDw-ssMd-fZwwNdPME_GWE9q4dvXE8cHt7rUcfStwp9XZ7_Jd82zJHsp-cFPguYZx-a0NGA&code=4%2F0AUJR-x6e6ebOwSRIdn1ETUESvDBcpCwDMA12A8aZtVcAffxzGkWb2YWoSX-_VtzNaYcw6w&scope=email+profile+https%3A%2F%2F", "d37481f608bdf78117b2f8819bcfd6744c3934b5c08c2ec8b8cbd36030a6fbd3 g_Faktury__FAKTURA_Bruttoppn.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-MD5": 14, "FileHash-SHA1": 12, "FileHash-SHA256": 51, "URL": 239, "YARA": 1, "domain": 35, "hostname": 22, "CVE": 1 }, "indicator_count": 375, "is_author": false, "is_subscribing": null, "subscriber_count": 123, "modified_text": "307 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://shop.poleaddict.eu", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://shop.poleaddict.eu", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780248451.2815924 }