Use DIE and CFF Explorer to conduct the static analysis.

Reverse C/C++
- Ghidra

Reverse C#
- dnSpy
- ILSpy
- dotPeek

After decompiling
Export the decompiled code to Microsoft Visual Studio / Visual Studio Code, set up a remote server, and try to debug the source code.

Other tools for debugging
- API Monitor
- OllyDbg ⇢ attach to the process for debugging
- Wireshark

Others
- Feodo Tracker: tracks botnet C&Cs associated with Emotet (aka Heodo), Dridex, TrickBot and QakBot
- GitHub - hasherezade/pe-sieve: Scans a given process. Recognizes and dumps...