Malware Analysis . NETReactor deobfuscation and configuration extraction of Agent Tesla

This is the sample that we unpacked in the previous episode. It is obfuscated with. NETReactor. We use Shed to obtain decrypted strings and get an idea of what it is doing. Removing the obfuscation with NetReactorSlayer does not work out of the box. Is there a way we make it work to obtain the configuration values Tools: DnSpy, Shed, PortexAnalyzer, SystemInformer, NetReactorSlayer Malware course: Twitter: