Eli Salem
Dancing With Shellcodes: Analyzing Rhadamanthys Stealer
Threat Background
20 min read · Jan 16, 2023

Eli Salem
The chronicles of Bumblebee: The Hook, the Bee, and the Trickbot connection
In late March 2022, a new malware dubbed “Bumblebee” was discovered, and reported to be distributed in phishing campaigns containing ISO…
17 min read · Apr 27, 2022

Eli Salem
Highway to Conti: Analysis of Bazarloader
As we look back to summarize the year 2021 we observe that the biggest threat in the cybersecurity landscape is still ransomware. A large…
15 min read · Feb 16, 2022

Eli Salem
The Squirrel Strikes Back: Analysis of the newly emerged cobalt-strike loader “SquirrelWaffle”
Since early-mid of September 2021, a new malware loader dubbed “Squirrelwaffle” has been discovered and observed delivering the attack…
13 min read · Sep 21, 2021

Eli Salem
Dissecting and automating Hancitor’s config extraction
The Hancitor malware, first observed in 2015, is a downloader known to deliver several other malware. In its first years, Hancitor was…
14 min read · Jun 21, 2021

Eli Salem
Dancing With Shellcodes: Cracking the latest version of Guloader
Guloader is a downloader that has been active since 2019. It is known to deliver various malware, more notably: Agent-Tesla, Netwire…
14 min read · Apr 19, 2021

Eli Salem
Funtastic Packers And Where To Find Them
In malware, we often see threat actors that tend to obfuscate or encrypt their code in order to slow down the analysis of security…
11 min read · Jan 18, 2021