Getting Started with dnSpyEx - Unraveling a .NET Formbook Dropper

In this video, I'll show you the basics of the dnSpyEx interface and discuss techniques for performing effective static and dynamic analysis. We'll use a recent Formbook malware sample for this demo and unravel several stages of obfuscation to find the primary payload. By the end of this video, you'll be able to decompile .NET binaries, analyze the code using the dnSpyEx interface, and use the basics of the debugger to trace through the program.

Cybersecurity, reverse engineering, malware analysis and ethical hacking content!

🎓 Courses on Pluralsight 👉🏻 https://www.pluralsight.com/authors/j...
⚙️ Tinker with me on Github 👉🏻 https://github.com/jstrosch

Sample SHA256: 1e76071fd87642e4070b75b2f542d65d304dcbb8482e795610bd53b34c54bcb8
