2017-02-16 - HANCITOR MALSPAM

ASSOCIATED FILES:

 

EMAILS

FROM MONDAY 2017-02-13:

 

FROM THURSDAY 2017-02-16:

 

TRAFFIC


Shown above:  Traffic from the Monday 2017-02-13 infection filtered in Wireshark.

 

ASSOCIATED DOMAINS FROM MONDAY 2017-02-13:

 


Shown above:  Traffic from the Thursday 2017-02-16 infection filtered in Wireshark.

 

ASSOCIATED DOMAINS FROM THURSDAY 2017-02-16:

 

FILE HASHES

HANCITOR MALDOCS:

 

FOLLOW-UP MALWARE:

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.