The company announced the new features to improve security in Meetings and one-on-one conversations.
Technical analysis by the Malware Hunter JAMESWT
Hancitor is still hiding in a DocuSign email. The doc attachment is downloaded each time from a different url and contains the dll with the malware. The final payalod is unknown
Hancitor is still hiding inside a DocuSign email.
The doc attachment, which can be downloaded by opening the link in the text (the yellow button), contacts a different url each time and downloads a document that varies with each operation. Inside there is a dll with malware (aka Chanitor).
It is unknown, however, which is the next payload downloaded. In the latest cybercrime campaigns this was CobaltStrike or FickerStealer, an info-stealer that targets PCs with Windows operating systems, from XP to 10.