AUTHOR

Articles by Salim Bitam

Videos

Doing time with the YIPPHB dropper

Elastic Security Labs outlines the steps to collect and analyze the various stages of the REF4526 intrusion set. This intrusion set uses a creative approach of Unicode icons in PowerShell scripts to install a loader, a dropper, and RAT implants.

FLARE-ON 9 Solutions:

This year's FLARE-ON consisted of 11 different reverse engineering challenges with a range of interesting binaries. We really enjoyed working on these challenges and have published our solutions here to Elastic Security Labs.

Exploring the REF2731 Intrusion Set

The Elastic Security Labs team has been tracking REF2731, a 5-stage intrusion set involving the PARALLAX loader and the NETWIRE RAT.

BUGHATCH Malware Analysis

Elastic Security has performed a deep technical analysis of the BUGHATCH malware. This includes capabilities as well as defensive countermeasures.

LUNA Ransomware Attack Pattern Analysis

In this research publication, we'll explore the LUNA attack pattern — a cross-platform ransomware variant.

CUBA Ransomware Campaign Analysis

Elastic Security observed a ransomware and extortion campaign leveraging a combination of offensive security tools, LOLBAS, and exploits to deliver the CUBA ransomware malware.

CUBA Ransomware Malware Analysis

Elastic Security has performed a deep technical analysis of the CUBA ransomware family. This includes malware capabilities as well as defensive countermeasures.

BLISTER Loader

The BLISTER loader continues to be actively used to load a variety of malware.