Intel 471 | HUNTER

AND A HUNT OF THE DAY!?! You know it! Looking at where the malware created their scheduled task you can tell it is a little phishy!

Scheduled Task Executing from Abnormal Location
hunter.cyborgsecurity.io/research/hun...

#huntoftheday #gethunting #HappyHunting

Intel 471 | HUNTER

To compliment the work of the authors, why not take this Community Hunt Package with you to identify when a Powershell encoded command is executed in your environment:

Powershell Encoded Command Execution
hunter.cyborgsecurity.io/research/hun...

#huntoftheday #gethunting