2021-02-09 (TUESDAY) - QUICK POST: HANCITOR INFECTION WITH COBALT STRIKE
NOTES:
- All zip files on this site are password-protected. If you don't know the password, see the "about" page of this website.
ASSOCIATED FILES:
- 2021-02-09-Hancitor-malspam-6-emails.zip   45 kB   (44,988 bytes)
- 2021-02-09-Hancitor-infection-with-Cobalt-Strike.pcap.zip   3.7 MB   (3,745,941 bytes)
- 2021-02-09-Hancitor-malware.zip   333 kB   (333,273 bytes)
IMAGES
Shown above: Screenshot from one of the emails pushing Hancitor.
Shown above: Google Drive page from one of the email links.
Shown above: Word document and redirection to KeyBank page.
Shown above: Screenshot from a KeyBank-themed Word document with macros for Hancitor.
Click here to return to the main page.