Introduction DotNetMe is obviously a Windows reverse task.
Two binaries are provided:
A PE32+ executable file (console) Another PE32+ DLL Both binary are .NET binaries are expected and are heavily obfuscated.
Technical details At first, we could see that both of the binaries are obfuscated and hard to read:
In fact, the symbol names are displayed in some kind of Unicode and all the logic is behind a “state machine”.
