Dynamic Analysis

Dynamic analysis, in terms of Deobfuscation refers to the process of understanding and reversing obfuscated code by executing it in a controlled environment.

This approach contrasts Static Analysis|static analysis which involves examining the code without running it. Dynamic analysis is crucial for deobfuscation because it allows the observation of the actual behaviour of the code during execution, which can reveal insights that static analysis might miss.

The obfuscated code is executed in a controlled, isolated environment to observe its runtime behaviour without risking the security of the main system.

Dynamic analysis involves monitoring the program's behaviour in real-time, including changes to memory, file systems, network activities, and system processes.