Deobfuscation techniques: Peephole deobfuscation

This blog post describes a practical, lightweight deobfuscation approach called 'peephole deobfuscation' and demonstrates it on an unpacked Lumma malware sample (SHA256 provided). It explains pattern-based instruction substitutions, control-flow dispatcher deobfuscation using Ghidra's emulator, provides example byte-pattern rules and Python/Ghidra snippets to automate patches, and discusses limitations and next steps for further analysis.