De-obfuscating ALCATRAZ
ID: be9b8827-f238-5cd1-b755-e3c1acb34e1e
STIX ID: report--be9b8827-f238-5cd1-b755-e3c1acb34e1e
Feed Name: Elastic Security Labs
Elastic Security Labs analyzed DOUBLELOADER, a backdoor deployed alongside the RHADAMANTHYS infostealer, and documented how the open-source obfuscator ALCATRAZ hinders analysis through techniques like entrypoint obfuscation, anti-disassembly, instruction mutation, constant/LEA unfolding, and control-flow flattening; the report includes remediation approaches (IDA Python scripts, D810 plugin), YARA rules, and a SHA256 observable for detection.
