https://bugs.winehq.org/show_bug.cgi?id=55955
Fabian Maurer dark.shadow4@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |obfuscation CC| |dark.shadow4@web.de
--- Comment #3 from Fabian Maurer dark.shadow4@web.de --- When running in a clean WINEPREFIX I get
at _9OA._bh (System.Diagnostics.ProcessModule , System.IntPtr , System.String ) [0x000fa] in <3761aa8afd52472ab51210ad57dc01a3>:0 at _9OA._Gx[] (System.Diagnostics.ProcessModule , System.String , System.String , _9OA+_9Jb , System.Func`2[T,TResult] ) [0x000c7] in <3761aa8afd52472ab51210ad57dc01a3>:0 at _9OA._o6[] (System.Diagnostics.ProcessModule , System.String , System.Int32 , System.Func`2[T,TResult] ) [0x0001e] in <3761aa8afd52472ab51210ad57dc01a3>:0 at _yJb._yKA () [0x00044] in <3761aa8afd52472ab51210ad57dc01a3>:0 at _u6A._jib () [0x0023a] in <3761aa8afd52472ab51210ad57dc01a3>:0
Is that the same for you?
The application is obfuscated, here some tools to help: https://lallouslab.net/2019/07/08/a-walkthrough-to-deobfuscating-a-confusere... Especially ConfuserExSwitchKiller
Then you can use https://github.com/Techlord-RCE/ConfuserEx-Static-String-Decryptor to decrypt the strings...
If I understand correctly, the C# program parses its loaded dlls manually. Then it tries to patch those native DLLs to hook them in managed code (yes really). And when it can't find/patch the function it throws a DllNotFoundException