Kode
.text:0040861B push ebp
.text:0040861C mov ebp, esp
.text:0040861E sub esp, 8
.text:00408621 mov [ebp-8], ecx
.text:00408624 push 1
.text:00408626 push 0
.text:00408628 push offset aHttpWww_respon ; "http://www.respondus.com/browser/ie.pl"
.text:0040862D push offset aIexplore_exe ; "iexplore.exe"
.text:00408632 push 0
.text:00408634 mov ecx, [ebp-8]
.text:00408637 call sub_406EF0
.text:0040863C push eax
.text:0040863D call ds:ShellExecuteA
.text:00408643 mov [ebp-4], eax
.text:00408646 cmp dword ptr [ebp-4], 20h
.text:0040864A jg short loc_408660
.text:0040864C push 0
.text:0040864E push 0
.text:00408650 push 16h
.text:00408652 call sub_40D85A
.text:00408657 add esp, 4
.text:0040865A push eax
.text:0040865B call sub_47297C
.text:00408660
Ser ut som appen bruker noe som kalles "LockDown Browser" -> den bruker bare internet explorer (lol);
Skal prøve å finne ut litt mer.