2017-10-16 - FILES FOR AN ISC DIARY (HANCITOR INFECTION WITH DELOADER/ZLOADER)

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

NOTES:

• The associated ISC diary is:  Hancitor infection chain uses DDE attack

 

ASSOCIATED FILES:

• 2017-10-16-Hancitor-infection-with-ZLoader.pcap.zip   8.8 MB (8,752,583 bytes)

• 2017-10-16-Hancitor-infection-with-ZLoader.pcap   (9,546,728 bytes)

• 2017-10-16-Hancitor-malspam-8-examples.zip   17.1 kB (17,139 bytes)

• 2017-10-16-Hancitor-malspam-1450-UTC.eml   (7,630 bytes)
• 2017-10-16-Hancitor-malspam-1503-UTC.eml   (7,664 bytes)
• 2017-10-16-Hancitor-malspam-1507-UTC.eml   (7,692 bytes)
• 2017-10-16-Hancitor-malspam-1515-UTC.eml   (7,730 bytes)
• 2017-10-16-Hancitor-malspam-1543-UTC.eml   (7,669 bytes)
• 2017-10-16-Hancitor-malspam-1547-UTC.eml   (7,642 bytes)
• 2017-10-16-Hancitor-malspam-1601-UTC.eml   (7,695 bytes)
• 2017-10-16-Hancitor-malspam-1611-UTC.eml   (7,664 bytes)

• 2017-10-16-malware-from-Hancitor-infection.zip   436.0 kB (435,990 bytes)

• 2017-10-16-ehyl.exe   (201,728 bytes)
• 2017-10-16-tvs-1-of-2.exe   (196,608 bytes)
• 2017-10-16-tvs-2-of-2.exe   (215,040 bytes)
• receipt_481319.doc   (55,352 bytes)

 

Click here to return to the main page.