From Zero to Domain Admin
released on 2021-11-02 @ 01:06:28 PM
In a recent malware campaign, the Hancitor DLL was downloaded and used to execute multiple payloads including a Cobalt Strike stager and Ficker Stealer. The threat actors then began port scanning for SMB and a few backup systems such as Synology, Veeam and Backup Exec.