Monday, May 19, 2008

Just a note for me ... 1 of many .... Getting EP manually

How to get Portable Executable entry point manually ...

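1. Get the entry point value (4 bytes)
-> MZ + 3C = PE offset (the 4-byte value stored at file offset 3C hex)
-> PE + 28 = Entry point (EP) (the 4-byte value stored at PE offset + 28 hex; it is an RVA)
2. Identify which section the EP value falls in: section RVA <= EP < section RVA + Virtual Size
3. Subtract that section's RVA from the EP value
4. Add the pointer to raw data of the section where the EP was found; the result is the EP's offset in the file.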
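
The four steps above as a small parser, added here as an example and not part of the original note. The function names `ep_file_offset` and `build_sample` are hypothetical, and the sample is a constructed header-only skeleton. The fallback for a zero Virtual Size and the check against the section's raw size go beyond the note.

```python
import struct

def ep_file_offset(data: bytes) -> int:
    """Return the file offset of the entry point, following steps 1-4."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    (pe,) = struct.unpack_from("<I", data, 0x3C)        # step 1: MZ + 3C = PE offset
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    (ep,) = struct.unpack_from("<I", data, pe + 0x28)   # step 1: PE + 28 = EP (RVA)
    (nsec,) = struct.unpack_from("<H", data, pe + 6)    # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, pe + 20)  # SizeOfOptionalHeader
    table = pe + 24 + opt_size                          # first section header
    for i in range(nsec):
        # VirtualSize, VirtualAddress (RVA), SizeOfRawData, PointerToRawData
        vsize, rva, raw_size, raw_ptr = struct.unpack_from(
            "<4I", data, table + 40 * i + 8)
        span = vsize or raw_size    # assumption: treat VirtualSize 0 as raw size
        if rva <= ep < rva + span:                      # step 2
            if ep - rva >= raw_size:
                raise ValueError("EP lies in memory with no bytes in the file")
            return ep - rva + raw_ptr                   # steps 3 and 4
    raise ValueError("EP RVA 0x%X is outside every section" % ep)

def build_sample() -> bytes:
    """Constructed two-section PE skeleton: headers only, not a real program."""
    pe = 0x80
    buf = bytearray(0x200)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, pe)
    buf[pe:pe + 4] = b"PE\0\0"
    struct.pack_into("<H", buf, pe + 6, 2)              # two sections
    struct.pack_into("<H", buf, pe + 20, 0xE0)          # PE32 optional header size
    struct.pack_into("<I", buf, pe + 0x28, 0x2010)      # EP RVA
    sections = [(b".data", 0x100, 0x1000, 0x200, 0x400),
                (b".text", 0x300, 0x2000, 0x400, 0x600)]
    for i, sec in enumerate(sections):
        struct.pack_into("<8s4I", buf, pe + 24 + 0xE0 + 40 * i, *sec)
    return bytes(buf)

if __name__ == "__main__":
    # EP 0x2010 falls in .text: 0x2010 - 0x2000 + 0x600
    print(hex(ep_file_offset(build_sample())))
```

An EP that falls outside every section, or in a section's memory range with no bytes behind it in the file, raises an error here; in malware triage either case is worth a closer look.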
