The doc attachment is downloaded each time from a different url and contains the dll with the malware. The final payalod is unknown.
Malware Hunter JAMESWT Technical Analysis
Cybercrime, the FickerStealer campaign is back via DocuSign and Hancitor. The email xls attachment of the email, which also arrived in Italy, contains a dll with Chanitor, which downloads the final malware
New wave of the FickerStealer campaign, passing through Hancitor and a fake mail notification from DocuSign.
The email xls attachment contains a dll with Hancitor (alias Chanitor). This then downloads the final malware.
The goal of cybercrime is to steal sensitive data from victims. FickerStealer, in fact, is an info-stealer that targets PCs with Windows operating system, from version XP to 10.