2018-12-20 - THREE DAYS OF HANCITOR INFECTIONS, TODAY WITH SMOKE LOADER

2018-12-18 INFO:

2018-12-18 FILES:

 

2018-12-19 INFO:

2018-12-19 FILES:

 

2018-12-20 INFO:

2018-12-20 FILES:

 

NOTES:

 


Shown above:  Flow chart for traffic on the first run.

 


Shown above:  On the first run I saw a 4th URL for follow-up malware that turned out to be Smoke Loader.

 


Shown above:  I tried a second infection less than an hour later, but no Smoke Loader.

 


Shown above:  Here's what Smoke Loader looked like on an infected Windows host.

 

Click here to return to the main page.