Update code to handle 4.1 obfuscated assemblies

de4dot.code/deobfuscators/dotNET_Reactor/MethodsDecrypter.cs

@@ -74,6 +74,8 @@ namespace de4dot.deobfuscators.dotNET_Reactor {
 					var key = new MethodReferenceAndDeclaringTypeKey(method);
 					if (!checkedMethods.ContainsKey(key)) {
 						checkedMethods[key] = true;
+						if (info.Item1.BaseType == null || info.Item1.BaseType.FullName != "System.Object")
+							continue;
 						if (!DotNetUtils.isMethod(method, "System.Void", "()"))
 							continue;
 						if (!encryptedResource.couldBeResourceDecrypter(method, additionalTypes))
@@ -111,6 +113,7 @@ namespace de4dot.deobfuscators.dotNET_Reactor {
 			int patchCount = methodsDataReader.ReadInt32();
 			int mode = methodsDataReader.ReadInt32();
 			if (!useXorKey || mode == 1) {
+				// Here if DNR 4.0, 4.1
 				for (int i = 0; i < patchCount; i++) {
 					uint rva = methodsDataReader.ReadUInt32();
 					uint data = methodsDataReader.ReadUInt32();

de4dot.code/deobfuscators/dotNET_Reactor/StringDecrypter.cs

@@ -107,8 +107,10 @@ namespace de4dot.deobfuscators.dotNET_Reactor {
 				return;
 			this.peImage = peImage;
 
-			foreach (var info in decrypterInfos)
+			foreach (var info in decrypterInfos) {
+				simpleDeobfuscator.deobfuscate(info.method);
 				findKeyIv(info.method, out info.key, out info.iv);
+			}
 
 			encryptedResource.init(simpleDeobfuscator);
 			decryptedData = encryptedResource.decrypt();
@@ -128,6 +130,8 @@ namespace de4dot.deobfuscators.dotNET_Reactor {
 				var calledMethod = info.Item2;
 				if (calledMethod.DeclaringType != method.DeclaringType)
 					continue;
+				if (calledMethod.MethodReturnType.ReturnType.FullName != "System.Byte[]")
+					continue;
 				var localTypes = new LocalTypes(calledMethod);
 				if (!localTypes.all(requiredTypes))
 					continue;