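cmp edx, 0x5a4d: this checks two bytes in memory for 4D 5A (the ASCII characters "MZ" that begin a Windows executable; read as a little-endian word they give 0x5A4D). It is a common step for malicious loaders that deobfuscate a Windows executable in memory, and is one way that the loader confirms it correctly decoded an executable.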

To dynamically debug a DLL: open, for example, rundll32.exe in x32dbg, change the command line to include the DLL together with the exported function, and in settings, check DLL Entry. Then restart the debugging session and run. To move to the exported function of interest, click Symbols, select the DLL, then select the function of interest.

To stop at an interesting assembly instruction, copy the address of the instruction in, for example, Ghidra, then in the debugger's ‘Command’ bar type bp copiedaddress. Run until that breakpoint, follow the general-purpose register (like ECX) in the dump, then follow it in Memory Map, then use Dump Memory to File.
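
An added example, not part of the original notes: Python that applies the same 4D 5A check to a file produced by Dump Memory to File, then confirms each hit by following e_lfanew to the PE signature, so a stray "MZ" in the dump is not mistaken for a decoded executable. The sample dump is constructed, and the function names and the e_lfanew bound are assumptions of this example.

```python
import struct

MZ = b"MZ"               # bytes 4D 5A; as a little-endian word this is 0x5A4D
PE_SIG = b"PE\x00\x00"   # signature that e_lfanew must point at
MAX_LFANEW = 0x1000      # heuristic bound chosen for this example, not a PE rule


def find_pe_images(dump: bytes):
    """Return (offset, machine, section_count) for each plausible PE image in dump."""
    hits = []
    pos = dump.find(MZ)
    while pos != -1:
        # The DOS header is 0x40 bytes; e_lfanew is the dword at offset 0x3C.
        if pos + 0x40 <= len(dump):
            (e_lfanew,) = struct.unpack_from("<I", dump, pos + 0x3C)
            pe = pos + e_lfanew
            # Require room for the signature (4) plus the COFF file header (20).
            if (0x40 <= e_lfanew < MAX_LFANEW and pe + 24 <= len(dump)
                    and dump[pe:pe + 4] == PE_SIG):
                machine, nsec = struct.unpack_from("<HH", dump, pe + 4)
                hits.append((pos, machine, nsec))
        pos = dump.find(MZ, pos + 1)
    return hits


def build_sample_dump() -> bytes:
    """Constructed sample: filler, a bare 'MZ' false positive, then minimal PE headers."""
    dos = bytearray(0x40)
    dos[0:2] = MZ
    struct.pack_into("<I", dos, 0x3C, 0x80)          # e_lfanew = 0x80
    stub = bytes(0x40)                               # pads 0x40..0x80
    # COFF header: machine i386 (0x014C), 3 sections, remaining fields constructed.
    coff = struct.pack("<HHIIIHH", 0x014C, 3, 0, 0, 0, 0xE0, 0x2102)
    image = bytes(dos) + stub + PE_SIG + coff
    return b"\x90" * 0x100 + MZ + b"\xcc" * 0x50 + image


if __name__ == "__main__":
    for off, machine, nsec in find_pe_images(build_sample_dump()):
        print(f"PE image at 0x{off:x}: machine=0x{machine:04x}, sections={nsec}")
```

To use it on a real dump, pass the file's bytes, for example find_pe_images(open(path, "rb").read()); the reported offset is where to carve the image from.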