all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Reversing - .NET main is not the first thing executed

Add to bookmarks
Oct. 7, 2023, 9:31 a.m. | MalwareAnalysisForHedgehogs

MalwareAnalysisForHedgehogs www.youtube.com

The main() method in .NET applications is considered as the entry point. But it is not the first thing being executed, which is purposefully used to deter reverse engineers. We write Intermediate Language assembly code to find out what is actually executed before main() in a .NET assembly.

Malware Analysis Course: https://www.udemy.com/course/windows-malware-analysis-for-hedgehogs-beginner-training/?couponCode=B1FC6A4384F0C7A05A98

Washis article: https://blog.washi.dev/posts/entry-points/

Follow me on Twitter: https://twitter.com/struppigel

00:00 Intro
00:19 Writing a Hello World in IL
02:43 Adding a static constructor
04:28 Adding a module constructor
05:24 …

applications assembly code engineers entry find language main point reverse reversing what is

Visit resource

More from www.youtube.com / MalwareAnalysisForHedgehogs

Triaging Files on VirusTotal 1 week, 6 days ago | www.youtube.com
can depth files find +11
Malware Analysis - JS to PowerShell to XWorm with Binary Refinery 1 month ago | www.youtube.com
analysis atom binary configuration +19
Malware Theory - Five Unpacking Methods and Generic Unpacking Approach 1 month, 2 weeks ago | www.youtube.com
breakpoints debugger emulation encryption +7
Binary Ninja - Fix unresolved stack pointer 2 months, 1 week ago | www.youtube.com
binary binary ninja fix function +1
Malware Analysis - Unpacking AutoIt stub with large obfuscated script 3 months ago | www.youtube.com
analysis autoit decrypt decryption +14
Malware Analysis - C2 extractor for Turla's Kopiluwak using Binary Refinery 3 months, 1 week ago | www.youtube.com
analysis apt beginners binary +16
Malware Analysis - 3 ways to deobfuscate JScript and JavaScript malware 4 months, 1 week ago | www.youtube.com
analysis code cons current +18
Malware Analysis - .NETReactor deobfuscation and configuration extraction of AgentTesla 5 months, 3 weeks ago | www.youtube.com
agenttesla analysis box configuration +10
Malware Analysis - ZPAQ to .NET downloader to Injector DLL unpacking 5 months, 4 weeks ago | www.youtube.com
analysis archive binary deal +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs