Malware-Traffic-Analysis.net - 2020-01-22 - Quick post: Hancitor infection with Ursnif

2020-01-22 - QUICK POST: HANCITOR INFECTION WITH URSNIF

NOTICE:

The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.

ASSOCIATED FILES:

2020-01-22-Hancitor-malspam-example.eml.zip 2.0 kB (2,001 bytes)
2020-01-22-Hancitor-infection.pcap.zip 245 kB (245,257 bytes)
2020-01-22-Hancitor-infection-with-Ursnif.pcap.zip 272 kB (271,815 bytes)
2020-01-22-Hancitor-and-Ursnif-malware-and-artifacts.zip 465 kB (465,282 bytes)

NOTES:

My pcap of Hancitor with Ursnif is a sanitized version of the pcap from the Any.Run analysis of the associated VBS file (link).

Click here to return to the main page.