Featured

Happy Hunting | Using AsyncRat To Identify Malware Patterns
Lee Archinal, Senior Threat Hunt Analyst, Intel 471
Learn how AsyncRAT, a versatile remote access tool, is used in malicious campaigns and how to identify and track them with cyber threat hunting.
AsyncRAT is a versatile remote access tool (RAT) often used in malicious campaigns, offering features like keylogging and remote desktop control, making it a common choice for cybercriminals. In this episode of "Happy Hunting", Lee Archinal breaks down the behaviors of AsyncRAT and shows how threat hunters can identify patterns—such as batch file executions in temp directories.
Watch now to learn how you can track these techniques using the Execution Bat Script to Unpack Payload Hunt Package on the 471HUNTER Platform.
Get your free 471HUNTER Community Account to access this hunt package and more: https://intel471.com/lp/hunter-community-access
Already have a Community Account? Jump straight to the hunt package: https://hunter.cyborgsecurity.io/research/hunt-package/606cd1ac-622d-4645-9553-2b04df7407d8
All episodes
-
Happy Hunting | A Deep Dive Into Black Basta
Lee Archinal, Senior Threat Hunt Analyst, Intel 471
Learn about the cybercriminal group Black Basta and see how they use discovery tactics to find and target victims.
In the latest episode of the "Happy Hunting" series, Lee Archinal dives into Black Basta, a cybercriminal group that's been causing serious trouble across various industries like healthcare, manufacturing, and critical infrastructure. What makes Black Basta especially dangerous is how they use discovery tactics to scope out target environments, giving them the edge they need to launch precise and devastating attacks.
Join our community with a free Community Account on the HUNTER471 Platform. This account grants you access to our Hunt Package Collection, including the "Excessive Windows Discovery and Execution Processes - Potential Malware Installation" Hunt Package featured in this episode, along with a wide array of resources to sharpen your threat hunting expertise.
Get your HUNTER471 account today: https://intel471.com/hunter-community-platform
Already have a Community Account? Jump straight to the Excessive Windows Discovery and Execution Processes - Potential Malware Installation Hunt Package and follow along with Lee: https://hunter.cyborgsecurity.io/research/hunt-package/a37ff816-53b3-4af3-a63c-3f87a3eab908
-
Happy Hunting | Unmasking APT38 - North Korea’s Financial Cyber Heist Experts
Lee Archinal, Senior Threat Hunt Analyst, Intel 471
Learn how APT38, North Korea's Financial Cyber Heist Experts, steals millions--and how to use cyber threat intelligence to stay ahead of these attackers.
APT38, known for stealing millions in high-profile financial attacks like the $81M Bangladesh Bank heist, is no ordinary adversary. This state-sponsored group excels at using zero-days and firewall evasion techniques to bypass detection and target financial institutions worldwide.
In the latest "Happy Hunting" episode, Lee Archinal explores APT38’s sophisticated methods and explains why threat intelligence is critical to staying ahead of these attackers. Learn how to hunt for their tactics using the Windows Firewall Rule Added via CMD/PowerShell Hunt Package on the 471HUNTER Platform.
Get a free 471HUNTER Community Account to access this hunt package and more: https://intel471.com/hunter-community-platform