2020-07-16 - HANCITOR INFECTION WITH INFO STEALER
- 2020-07-16-Hancitor-IOCs.txt.zip 2.0 kB (1,977 bytes)
- 2020-07-16-Hancitor-infection-traffic.pcap.zip 3.6 MB (3,619,332 bytes)
- 2020-07-16-Hancitor-and-followup-malware.zip 4.0 MB (3,965,922 bytes)
- I'm not sure what the follow-up malware is, but it appears to be some sort of info stealer (previously it's been Ursnif and/or Cobalt Strike).
- All zip archives on this site are password-protected with the standard password. If you don't know it, see the "about" page of this website.
Click here to return to the main page.