Blade Monitor.EXE

Blade Gaming Keyboard

Siliten Electronics CO.,LTD

It is set to execute automatically when any user logs into Windows, through an all-users Run registry entry named ‘GREED WOLF’.

Publisher:
Siliten Electronics CO.,LTD  (signed and verified)

Product:
Blade Gaming Keyboard

Description:
Blade Gaming Keyboard Monitor

Version:
1, 0, 0, 1

MD5:
d43b0971e8b46f948778bab7853afd2a

SHA-1:
8b7dd144adb3d3971b4bea39db71f199a14b1ec5

SHA-256:
b06048e1e946c921bc6436a0e156ee5ce9143763a1306bee7c6f7511bfe6be55

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:44:15 AM UTC

File size:
547.6 KB (560,768 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2009

Original file name:
Blade Monitor.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\greed wolf\greed wolf blade\blade monitor.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/3/2013 8:00:00 AM

Valid to:
1/4/2014 7:59:59 AM

Subject:
CN="Siliten Electronics CO.,LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Siliten Electronics CO.,LTD", L=Dongguan, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7564AD0438F8DBB69701545E7182BE55

File PE Metadata
Compilation timestamp:
5/7/2013 11:49:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:6akza6H86KLYU9tJclqqgNdPDEtTX36XT:6agctHcM3dPDgTAT

Entry address:
0x13897

Entry point:
55, 8B, EC, 6A, FF, 68, 98, 70, 43, 00, 68, 90, 8D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, C4, 42, 43, 00, 33, D2, 8A, D4, 89, 15, EC, 42, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, E8, 42, 44, 00, C1, E1, 08, 03, CA, 89, 0D, E4, 42, 44, 00, C1, E8, 10, A3, E0, 42, 44, 00, 6A, 01, E8, E0, 53, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 65, 32, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 

Entropy:
4.8147

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
204 KB (208,896 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
GREED WOLF

Command:
"C:\Program Files\greed wolf\greed wolf blade\blade monitor.exe"

