Malware-Traffic-Analysis.net - 2018-08-22 - Quick post: three days of Hancitor malspam infections

2018-08-22 - QUICK POST: THREE DAYS OF HANCITOR MALSPAM INFECTIONS

ASSOCIATED FILES:

2018-08-20-and-2018-08-22-Hancitor-malspam-2-email-examples.zip 4.4 kB (4,353 bytes)

2018-08-20-Hancitor-malspam-example-1627-UTC.eml (5,820 bytes)

2018-08-22-Hancitor-malspam-example-1442-UTC.eml (5,583 bytes)

2018-08-20-thru-2018-08-22-Hancitor-malspam-infection-traffic.zip 4.4 MB (4,351,094 bytes)

2018-08-20-Hancitor-malspam-infection-traffic.pcap (1,879,402 bytes)

2018-08-21-Hancitor-malspam-infection-traffic.pcap (2,658,105 bytes)

2018-08-22-Hancitor-malspam-infection-traffic.pcap (725,469 bytes)

2018-08-20-thru-2018-08-22-malware-from-Hancitor-infections.zip 964 kB (964,073 bytes)

2018-08-20-downloaded-Word-doc-with-macro-for-Hancitor.doc (204,288 bytes)

2018-08-20-Hancitor-malware-binary.exe (58,368 bytes)

2018-08-20-Zeus-Panda-Banker-caused-by-Hancitor-infection.exe (206,336 bytes)

2018-08-21-downloaded-Word-doc-with-Macro-for-Hancitor.doc (194,560 bytes)

2018-08-21-Hancitor-malware-binary.exe (58,368 bytes)

2018-08-21-Zeus-Panda-Banker-caused-by-Hancitor-infection.exe (214,016 bytes)

2018-08-22-downloaded-Word-doc-with-macro-for-Hancitor.doc (189,952 bytes)

2018-08-22-Hancitor-malware-binary.exe (58,880 bytes)

2018-08-22-Zeus-Panda-Banker-caused-by-Hancitor.exe (214,016 bytes)

NOTES:

Zip archives are password-protected with the standard password. If you don't know it, look at the "about" page of this website.

Shown above: Traffic from an infection on Monday 2018-08-20 filtered in Wireshark.

Shown above: Traffic from an infection on Tuesday 2018-08-21 filtered in Wireshark.

Shown above: Traffic from an infection on Wednesday 2018-08-22 filtered in Wireshark.

Click here to return to the main page.