2018-08-22 - QUICK POST: THREE DAYS OF HANCITOR MALSPAM INFECTIONS

ASSOCIATED FILES:

  • 2018-08-20-Hancitor-malspam-example-1627-UTC.eml   (5,820 bytes)
  • 2018-08-22-Hancitor-malspam-example-1442-UTC.eml   (5,583 bytes)
  • 2018-08-20-Hancitor-malspam-infection-traffic.pcap   (1,879,402 bytes)
  • 2018-08-21-Hancitor-malspam-infection-traffic.pcap   (2,658,105 bytes)
  • 2018-08-22-Hancitor-malspam-infection-traffic.pcap   (725,469 bytes)
  • 2018-08-20-downloaded-Word-doc-with-macro-for-Hancitor.doc   (204,288 bytes)
  • 2018-08-20-Hancitor-malware-binary.exe   (58,368 bytes)
  • 2018-08-20-Zeus-Panda-Banker-caused-by-Hancitor-infection.exe   (206,336 bytes)
  • 2018-08-21-downloaded-Word-doc-with-Macro-for-Hancitor.doc   (194,560 bytes)
  • 2018-08-21-Hancitor-malware-binary.exe   (58,368 bytes)
  • 2018-08-21-Zeus-Panda-Banker-caused-by-Hancitor-infection.exe   (214,016 bytes)
  • 2018-08-22-downloaded-Word-doc-with-macro-for-Hancitor.doc   (189,952 bytes)
  • 2018-08-22-Hancitor-malware-binary.exe   (58,880 bytes)
  • 2018-08-22-Zeus-Panda-Banker-caused-by-Hancitor.exe   (214,016 bytes)

NOTES:

 


Shown above:  Traffic from an infection on Monday 2018-08-20 filtered in Wireshark.

 


Shown above:  Traffic from an infection on Tuesday 2018-08-21 filtered in Wireshark.

 


Shown above:  Traffic from an infection on Wednesday 2018-08-22 filtered in Wireshark.

 

Click here to return to the main page.