2018-10-10 - QUICK POST: HANCITOR INFECTION WITH ZEUS PANDA BANKER

ASSOCIATED FILES:

  • 2018-10-10-Hancitor-malspam-1458-UTC.eml   (5,038 bytes)
  • 2018-10-10-Hancitor-infection-with-Zeus-Panda-Banker.pcap   (2,821,672 bytes)
  • 2018-10-10-downloaded-Word-doc-with-macro-for-Hancitor.doc   (265,216 bytes)
  • 2018-10-10-Hancitor-malware-binary.exe   (95,744 bytes)
  • 2018-10-10-Zeus-Panda-Banker-caused-by-Hancitor-infection.exe   (148,480 bytes)

 

IMAGES


Shown above:  Screenshot of the email.

 


Shown above:  Screenshot of the downloaded Word document.

 


Shown above:  Traffic from the infection filtered in Wireshark.

 

FINAL NOTES

Once again, here are the associated files:

Zip archives are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

Click here to return to the main page.