Date Author Title
2021-09-15Brad DuncanHancitor campaign abusing Microsoft's OneDrive
2021-07-09Brad DuncanHancitor tries XLL as initial malware file
2021-06-30Brad DuncanJune 2021 Forensic Contest: Answers and Analysis
2021-01-13Brad DuncanHancitor activity resumes after a hoilday break
2020-03-12Brad DuncanHancitor distributed through coronavirus-themed malspam
2019-11-20Brad DuncanHancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike
2019-02-06Brad DuncanHancitor malspam and infection traffic from Tuesday 2019-02-05
2018-12-05Brad DuncanCampaign evolution: Hancitor changes its Word macros
2018-10-30Brad DuncanCampaign evolution: Hancitor malspam starts pushing Ursnif this week
2017-10-17Brad DuncanHancitor malspam uses DDE attack
2017-02-10Brad DuncanHancitor/Pony malspam
2016-12-05Didier StevensHancitor Maldoc Videos