Unpacking a NanoCore RAT using DnSpy and MegaDumper.
Malware analysis courses: https://malwareanalysis-for-hedgehogs.learnworlds.com/courses
Buy me a coffee: https://ko-fi.com/struppigel
Follow me on Twitter: https://twitter.com/struppigel
Tools:
DnSpy: https://github.com/0xd4d/dnSpy/releases
MegaDumper: https://forum.tuts4you.com/topic/31899-unpackers-tools-source-code-c/
ILSpy: http://ilspy.net/
PEStudio: https://winitor.com/
HxD: https://mh-nexus.de/en/hxd/
ProcessExplorer: https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx
Sample: 1133f6733e11912077772e85fa6fcaca214b24054378d178db48d54ee51b038d
https://www.hybrid-analysis.com/sample/1133f6733e11912077772e85fa6fcaca214b24054378d178db48d54ee51b038d?environmentId=100
