skip to Main Content

Cybercrime, new wave of the FickerStealer campaign via DocuSign and Hancitor

Malware Hunter JAMESWT Technical Analysis

Cybercrime, the FickerStealer campaign is back via DocuSign and Hancitor. The email xls attachment of the email, which also arrived in Italy, contains a dll with Chanitor, which downloads the final malware

New wave of the FickerStealer campaign, passing through Hancitor and a fake mail notification from DocuSign.


The email xls attachment contains a dll with Hancitor (alias Chanitor). This then downloads the final malware.

The goal of cybercrime is to steal sensitive data from victims. FickerStealer, in fact, is an info-stealer that targets PCs with Windows operating system, from version XP to 10.

Malware’s C2

Back To Top