hancitor Archives - Unit42

The word "Tutorial," superimposed over an image used in the Wireshark Tutorial series.

9,795

people reacted

Wireshark Tutorial: Examining Traffic from Hancitor Infections

By Brad Duncan
April 7, 2021 at 6:00 AM

12

20 min. read

Malicious email, as depicted here, can be the starting point of a chain of events related to Hancitor infections, which have recently been observed distributing Cobalt Strike and using a noisy network ping tool.

14,828

people reacted

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

By Brad Duncan
April 1, 2021 at 12:00 PM

13

11 min. read

23,013

people reacted

Dissecting Hancitor’s Latest 2018 Packer

By Jeff White
February 27, 2018 at 5:00 AM

0

16 min. read

20,939

people reacted

Threat Brief: Hancitor Actors

By Unit 42
February 7, 2018 at 10:00 AM

0

4 min. read

31,234

people reacted

Compromised Servers & Fraud Accounts: Recent Hancitor Attacks

By Vicky Ray and Brad Duncan
February 7, 2018 at 5:00 AM

1

7 min. read

19,127

people reacted

Pythons and Unicorns and Hancitor…Oh My! Decoding Binaries Through Emulation

By Jeff White
August 30, 2016 at 1:20 PM

2

11 min. read

VB Dropper and Shellcode for Hancitor Reveal New Techniques Behind Uptick

By Jeff White
August 21, 2016 at 5:00 PM

0

7 min. read