So I have a DLL library that doesn't like me. It contains detections that I need to get out so a bypass can be made.
I assume that I am either just using the wrong tools or missing a step. I know that the DLL could be encrypted
or it contains a native/non-native mode assembly. I tried different tools to no avail.
CFF Explorer -
Just a bunch of craziness to me. lawl
PE Explorer -
I can read its imports, see dependencies, etc.
.NET Reflector with Reflexil -
.dll' is not a .NET module. -
.assembly scripthook
{
.hash algorithm 0x00000000
}
So, I am trying to get either the solution files (preferably) or find the detections in its library with PE Explorer. (Not sure where to look.)
Just throw the file in IDA and start from there.