Can't Decompile .NET-built executable

Question

I have an executable that requires .NET Framework to run; I have used reflector and some popular decompilers but the can't read the executable;

Here's the manifest gotten using Resource Hacker ;

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>

Can someone tell me the appropriate tool to use to decompile this assembly or executable? It requires .NET to run. Thanks. I'm using this for educational purposes.

Answer 1

It sounds like the the executable may have been obfuscated (protected) against .NET decompliation/reflection tools such as Reflector, ILSpy, dotPeek etc.

There are several tools available that perform such protection, including Babel.NET and Dotfuscator.

You could try de4dot, which can 'deobfuscate' .NET assemblies that have been protected using several tools, including Crypto Obfuscator, Dotfuscator, NET Reactor and SmartAssembly.

Answer 2

That is a clickonce app.

First, you need to extract the content (dont recall if the '.app' is a CAB or ZIP). Then use Reflector or your favourite decompiler.

Answer 3

If Reflector can't decompile it, then it must have been obfuscated with a code obfuscation tool such as SmartAssembly or Dotfuscator.

In this case, there is no way to decompile the application.