2018-07-16 - QUICK POST: HANCITOR INFECTION WITH ZEUS PANDA BANKER (AND AZORULT)

ASSOCIATED FILES:

 

NOTES:

 

IMAGES


Shown above:  Infection traffic filtered in Wirehshark.

 


Shown above:  This popped up (and quickly dissappeared) in the user's AppData\Local\Temp directory.

 

FINAL NOTES

Once again, here are the associated files:

Zip archives are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.