We break down the full infection chain of BBTok, a threat targeting Brazil, and demonstrate how to deobfuscate the loader DLL using PowerShell, Python, and dnlib.
BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell