Hello.
I ran a ZeuS binary in a virtual machine, but all I saw was the process briefly appearing in process explorer, and then disappearing. This could of course be the works of some sort of hook, but I doubt it.
So this is my question to anyone who have analyzed a ZeuS binary: Does it operate differently if it believe it is being executed in an emulated environment?
					
										
																										
            I ran a ZeuS binary in a virtual machine, but all I saw was the process briefly appearing in process explorer, and then disappearing. This could of course be the works of some sort of hook, but I doubt it.
So this is my question to anyone who have analyzed a ZeuS binary: Does it operate differently if it believe it is being executed in an emulated environment?
 
										