2018-01-29 - QUICK POST: HANCITOR MALSPAM

ASSOCIATED FILES:

• Zip archive of the emails:  2018-01-29-Hancitor-email-examples.txt.zip   3.2 kB (3,193 bytes)

• 2018-01-29-Hancitor-email-examples.txt - 16 examples in one text file   (40,337 bytes)

• Zip archive of the pcap:  2018-01-29-Hancitor-infection-traffic.pcap.zip   2.0 MB (1,971,777 bytes)

• 2018-01-29-Hancitor-infection-traffic.pcap   (2,412,922 bytes)

• Zip archive of the malware:  2018-01-29-Hancitor-malware-and-artifacts.zip   314 kB (313,770 bytes)

• 2018-01-29-Hancitor-maldoc-sample-bofa_payment_167492.doc   (371,712 bytes)
• 2018-01-29-Zeus-Panda-Banker-sample.exe   (194,048 bytes)

NOTES:

• This week, the campaign is back to using Word documents with malicious macros (no more RTF docs exploiting CVE-2017-11882).
• All zip archives on this site are password-protected with the standard password.  If you don't know it, look at my "about" page.

 

Click here to return to the main page.