Posts tagged Hancitor

The Hancitor Trojan, also known as Chanitor, is a downloader first observed in 2014. It distributes its payload via a Word document email attachment with embedded malicious macros. The most recent version of Hancitor contains the encoded shellcode within the macro and uses native API calls within Visual Basic (VB) code to pass execution, and carves out and decrypts the embedded malware in the attachment. 

Read More