portnov
August 19th, 2005, 07:25 AM
Hi guys, I have a binary .exe file (32-bit).
I need to find out what exactly it is doing (probably retrieving an IP from a remote server, pinging the IP and storing data in the reg. (using win-shell)).
I already tried decompiling it with w32dasm/IDA Pro, but I cannot get the remote server IP / local store destination and the exec steps/commands it's running...
So... my next step was to run it in a sandbox and look at the log. The only real sandbox I know is Linux/Wine w/ full logging - the problem is Wine cannot find the entry point :(
So... do any of you know how I can get the data, if not the source, or the name of a "sandbox" program (win-based)...
Ideas? Thanks...