[Reverse Engineering Tips] — Analyzing a DLL in x64DBG

Thomas Roccia
Jan 10, 2020 · 2 min read

This blog is a quick tips about how to load a dll in x64dbg in order to debug it and analyse it. In this example we will use a random dll called “example.dll”

Locate the exported function you want to analyse

Here I am using PEbear but you can use any other PE tool.

Image for post
Image for post

We will use the function DllRegisterServer with the ordinal 1.

Start debugging rundll32.exe with x64dbg

Rundll32.exe is a Windows system file used to load and run dynamic-link libraries (DLLs).

The first step is to load rundll32.exe into x64dbg.

Image for post
Image for post

Select “Change Command Line”

Image for post
Image for post

Enter the path of your DLL with the exported function

Image for post
Image for post

Go to Option -> Preferences and select “DLL Entry Point”

Image for post
Image for post

Run F9 until you reach the DLL you want to analyse

Check the name of the module you reach on the top of the Window.

Image for post
Image for post

That’s it! You can now debug your dll. I will occasionally post some tips like that on my medium. For more stuff such as this one you can follow me on Twitter @fr0gger_

BlackFr0g

Some posts about security, malware, reverse engineering

Sign up for Threat Intelligence Briefing

By BlackFr0g

Get latest news about threat intel, malware analysis tips and reverse engineering Take a look

Check your inbox
Medium sent you an email at to complete your subscription.

Thomas Roccia

Written by

Security Researcher

BlackFr0g

BlackFr0g

Some posts about security, malware, reverse engineering

Thomas Roccia

Written by

Security Researcher

BlackFr0g

BlackFr0g

Some posts about security, malware, reverse engineering

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store