2018-10-10 - QUICK POST: HANCITOR INFECTION WITH ZEUS PANDA BANKER
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
ASSOCIATED FILES:
- Email example: 2018-10-10-Hancitor-malspam-1458-UTC.eml.zip 2.4 kB (2,381 bytes)
- 2018-10-10-Hancitor-malspam-1458-UTC.eml (5,038 bytes)
- Traffic: 2018-10-10-Hancitor-infection-with-Zeus-Panda-Banker.pcap.zip 2.3 MB (2,289,988 bytes)
- 2018-10-10-Hancitor-infection-with-Zeus-Panda-Banker.pcap (2,821,672 bytes)
- Malware: 2018-10-10-malware-from-Hancitor-infection.zip 333 kB (333,189 bytes)
- 2018-10-10-downloaded-Word-doc-with-macro-for-Hancitor.doc (265,216 bytes)
- 2018-10-10-Hancitor-malware-binary.exe (95,744 bytes)
- 2018-10-10-Zeus-Panda-Banker-caused-by-Hancitor-infection.exe (148,480 bytes)
IMAGES
Shown above: Screenshot of the email.
Shown above: Screenshot of the downloaded Word document.
Shown above: Traffic from the infection filtered in Wireshark.
Click here to return to the main page.