How to : Decode Hancitor C2 Traffic Streams and Extract URL IOCs with Python
The Hancitor (aka Chanitor) malware is a downloader, which has been around since about 2014 and is usually spread through malspam campaigns. Upon infection, a system with the Hancitor malware sends a beacon to a C2 server. The beacon contains plain-text information about the i ...more