diff --git a/CHANGELOG.md b/CHANGELOG.md
index de7e34ca7..56f33783a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -16,6 +16,8 @@ ### Bug Fixes
 - cape: make some fields optional @williballenthin #2631 #2632
 - lint: add WARN for regex features that contain unescaped dot #2635
+- separate execution paths for all supported formats of `api` in `trim_dll_part` #1899 @v1bh475u
+- add test for `trim_dll_part` #1899 @v1bh475u
 ### capa Explorer Web
diff --git a/capa/rules/__init__.py b/capa/rules/__init__.py
index 9fa80a29e..df0c57677 100644
--- a/capa/rules/__init__.py
+++ b/capa/rules/__init__.py
@@ -580,11 +580,13 @@ def trim_dll_part(api: str) -> str:
 if ".#" in api:
 return api
+ # .NET namespace, like System.Diagnostics.Debugger::IsLogging, keep the namespace part
+ if "::" in api:
+ return api
+
 # kernel32.CreateFileA
 if api.count(".") == 1:
- if "::" not in api:
- # skip System.Convert::FromBase64String
- api = api.split(".")[1]
+ api = api.split(".")[1]
 return api
diff --git a/tests/test_rules.py b/tests/test_rules.py
index 0361621cf..847d6ac40 100644
--- a/tests/test_rules.py
+++ b/tests/test_rules.py
@@ -1653,3 +1653,15 @@ def test_circular_dependency():
 ]
 with pytest.raises(capa.rules.InvalidRule):
 list(capa.rules.get_rules_and_dependencies(rules, rules[0].name))
+
+ def test_trim_dll_part():
+ from capa.rules import trim_dll_part
+ assert trim_dll_part("GetModuleHandle") == "GetModuleHandle"
+ assert trim_dll_part("kernel32.CreateFileA") == "CreateFileA"
+ assert trim_dll_part("System.Convert::FromBase64String") == "System.Convert::FromBase64String"
+ assert trim_dll_part("System.Diagnostics.Debugger::IsLogging") == "System.Diagnostics.Debugger::IsLogging"
+ assert trim_dll_part("ws2_32.#1") == "ws2_32.#1"
+ assert trim_dll_part("Debugger::IsLogging") == "Debugger::IsLogging"
+ assert trim_dll_part("kernel32.ws2.#1") == "kernel32.ws2.#1"
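Review bot: The rewritten body now documents three paths (`.#` ordinal import, `::` .NET name, single-dot `dll.api`), but the remaining case — a name with two or more dots and no `::`, which the `count(".") == 1` guard leaves untouched — is only implied by the final `return api`; a comment on that line, e.g. `# anything else (e.g. multi-dot names without "::") is returned unchanged`, would make the separation of paths the commit aims for explicit. The `.#` check runs before the `::` check, so an ordinal-style name is never reached by the .NET branch; if that ordering is deliberate, the `.#` comment should say so. trim_dll_part's signature and any docstring start above the hunk, so the accepted formats may already be listed there.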
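Review bot: The function-scope `from capa.rules import trim_dll_part` in the new test is redundant with the module-level `capa.rules` the surrounding context lines already use (`capa.rules.InvalidRule`); writing the assertions as `assert capa.rules.trim_dll_part("kernel32.CreateFileA") == "CreateFileA"` keeps the file's existing style and avoids a second import path for the same module. The cases pin the `.#`, `::` and single-dot paths, but none covers a name with two or more dots and no `::` (a constructed example: `assert trim_dll_part("a.b.c") == "a.b.c"`), which the `count(".") == 1` guard leaves unchanged — adding one would lock that fall-through in alongside the others.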