2021-04-06 AND 07 (TUESDAY AND WEDNESDAY) - DATA DUMP: HANCITOR ACTIVITY
ASSOCIATED FILES:
- 2021-04-06-Hancitor-emails-and-malware.zip 2.2 MB (2,161,564 bytes)
- 2021-04-06-Hancitor-infection-with-Ficker-Stealer-and-attempted-Cobalt-Strike.pcap.zip 10.3 MB (10,311,723 bytes)
- 2021-04-07-Hancitor-emails-and-malware.zip 2.5 MB (2,549,658 bytes)
- 2021-04-07-Hancitor-infection-with-Cobalt-Strike-and-Ficker-Stealer.pcap.zip 9.0 MB (9,047,627 bytes)
NOTES:
- All zip archives on this site are password-protected. If you don't know the password, see the "about" page of this website.
- IP for Cobalt Strike C2 on Tuesday 2021-04-06 did not respond when the infected host tried to contact it.
- Palo Alto Networks recently published a Wireshark tutorial I wrote, which you can find here.