- Dec 27, 2018
- 5
Hello Fellow Engineers, I recently downloaded a file from Microsoft blog Event ID 1085 from “Internet Explorer Zonemapping” Part 2 – ZoneMap Troubleshoot tool and tried to execute it but, the program did not show up in my system processes nor in programs.
So, I uploaded this executable to virus-total and 2 engines shows its a Trojan. I took this one as my opportunity and started reverse engineering using IDA pro tool and I am looking at the functions but, as I am new to reverse engineering, I am not sure which processes to look into.
So far, all I know is, it is a 32 bit executable and the code is assembly language.
Any thoughts or suggestions would help.
So, I uploaded this executable to virus-total and 2 engines shows its a Trojan. I took this one as my opportunity and started reverse engineering using IDA pro tool and I am looking at the functions but, as I am new to reverse engineering, I am not sure which processes to look into.
So far, all I know is, it is a 32 bit executable and the code is assembly language.
Any thoughts or suggestions would help.