2017-09-22 - PCAP AND MALWARE FOR AN ISC DIARY (HANCITOR MALSPAM)
NOTES:
- The associated ISC diary is for Friday 2017-09-22: Malspam pushing Word documents with Hancitor malware
- Zip files are password-protected. If you don't know the password, look at the "about" page of this website.
ASSOCIATED FILES:
- Zip archive of the pcap: 2017-09-21-Hancitor-malspam-traffic-example.pcap.zip 9.4 MB (9,425,582 bytes)
- 2017-09-21-Hancitor-malspam-traffic-example.pcap (10,162,395 bytes)
- Zip archive of the malware: 2017-09-20-Hancitor-malspam-emails-and-artifacts.zip 295 kB (295,229 bytes)
- 2017-09-21-Hancitor-malspam-1658-UTC.eml (1,072 bytes)
- 2017-09-21-Hancitor-malspam-1714-UTC.eml (1,155 bytes)
- 2017-09-21-Hancitor-malspam-1730-UTC.eml (1,106 bytes)
- 2017-09-21-Hancitor-malspam-1747-UTC.eml (1,065 bytes)
- 2017-09-21-Hancitor-malspam-1841-UTC.eml (1,152 bytes)
- 2017-09-21-follow-up-malware-ZLoader-DELoader.exe (194,048 bytes)
- invoice_729017.doc (390,656 bytes)
Click here to return to the main page.