2018-01-29 - QUICK POST: HANCITOR MALSPAM
ASSOCIATED FILES:
- Zip archive of the emails: 2018-01-29-Hancitor-email-examples.txt.zip 3.2 kB (3,193 bytes)
- 2018-01-29-Hancitor-email-examples.txt - 16 examples in one text file (40,337 bytes)
- Zip archive of the pcap: 2018-01-29-Hancitor-infection-traffic.pcap.zip 2.0 MB (1,971,777 bytes)
- 2018-01-29-Hancitor-infection-traffic.pcap (2,412,922 bytes)
- Zip archive of the malware: 2018-01-29-Hancitor-malware-and-artifacts.zip 314 kB (313,770 bytes)
- 2018-01-29-Hancitor-maldoc-sample-bofa_payment_167492.doc (371,712 bytes)
- 2018-01-29-Zeus-Panda-Banker-sample.exe (194,048 bytes)
NOTES:
- This week, the campaign is back to using Word documents with malicious macros (no more RTF docs exploiting CVE-2017-11882).
- All zip archives on this site are password-protected with the standard password. If you don't know it, look at my "about" page.
Click here to return to the main page.