2018-06-27 - QUICK POST: HANCITOR INFECTION WITH ZEUS PANDA BANKER
- 2018-06-27-Hancitor-malspam-example-1630-UTC.eml.zip 2.8 kB (2,822 bytes)
- 2018-06-27-Hancitor-malspam-infection-traffic.pcap.zip 482 kB (482,175 bytes)
- 2018-06-27-malware-from-Hancitor-malspam-infection.zip 288 kB (287,841 bytes)
- All zip archives on this site are password-protected with a standard password. If you don't know it, see the "about" page of this website.
Shown above: Flow chart for today's activity, if I'm correct in my assumptions.
Shown above: Headers from an email example someone acquired for me today.
Shown above: Traffic from this infection filtered in Wireshark.
Shown above: Today's entire malspam run seemed like a test.
Shown above: What I assume was a Hancitor malware binary seen during today's infection.
Click here to return to the main page.