https://hexpysya.github.io/tags/scdbg/Recent content in Scdbg on bubka hacks stuffHugo -- gohugo.ioen-usFri, 20 Feb 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-obfsc4t10n/Fri, 20 Feb 2026 00:00:00 +0000https://hexpysya.github.io/investigations/htb-obfsc4t10n/A phishing HTML file masquerading as an invoice delivers a macro-enabled Excel workbook that drops and executes a multi-stage obfuscated HTA payload, ultimately injecting a reverse shell shellcode into rundll32.exe and establishing a C2 connection.