Guess Who: The Malware Edition

Can You Identify the Malware Family?

Out of the Woods: The Threat Hunting Podcast returns with another live, interactive edition designed to test how you analyze malicious activity. This session will focus on a specific malware family, revealing its behavior in stages as our hosts walk through execution patterns, infrastructure clues, and operational tradecraft.

Participants will examine how observed behaviors align to MITRE ATT&CK, how the malware evolves across campaigns, and how delivery methods and post-exploitation activity signal attribution. Before the final reveal, attendees will have the opportunity to submit their best guess on which malware family is responsible.

What You’ll Learn:

• Real-world malware behavior – A phase-by-phase breakdown of an active malware campaign
• MITRE ATT&CK in context – How techniques manifest during execution
• Behavioral fingerprinting – Identifying patterns across variants and infrastructure
• Delivery and objectives – What infection chains reveal about operator intent
• Interactive analysis – Submit your guess before the final reveal

Join the Community Discussion

Follow the clues and share your analysis in real time on our Discord server: https://discord.gg/DR4mcW4zBr

The first five participants who correctly identify the malware family will receive an Intel 471 t-shirt. Bring your analysis and see if you can solve it before the reveal.