BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell – ITTS

BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell

26 September 2024

In a complex infection chain that starts with an email containing an ISO image, this malware stands out by its way of compiling C# code directly on the infected machine. It also uses a technique known as AppDomain Manager Injection to advance execution.

Source: GDataSecurityBlog

Date:

26 September 2024

Categorie(s):

Tag(s):

.NET, Brazil, Frameworks, Loader, PowerShell

Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024
DocuSign’s API used to lure victims into e-signing fake invoices5 November 2024
Schneider Electric ransomware crew demands $125k paid in baguettes5 November 2024
How to Become a Chief Information Officer: CIO Cheat Sheet5 November 2024
Research: Extending corporate life of laptops by just one year can reduce harmful emissions by 25%5 November 2024