home

blastersound64bits.exe

Java corporate

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘07H398DC’.
Publisher:
Java corporate  (signed and verified)

Version:
1.0.0.0

MD5:
7c92b6589eefb7bc11ef18f63683d37f

SHA-1:
0463e8508ae0d5a60159eeb73f2ef0d5269a86bb

SHA-256:
3e892dfc51005196f70b1985d970054283aea06e6514b72c91e6b3cb9b98a2ab

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 9:14:26 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Kryptik.FPTV trojan
6.3.12010.0

File size:
4.9 MB (5,104,376 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\blastersound64bits.exe

Digital Signature
Signed by:
Java corporate

Authority:
Java corporate

Valid from:
3/14/2017 10:46:27 AM

Valid to:
3/14/2018 10:46:27 AM

Subject:
CN=Java corporate, O=Java corporate, C=BR

Issuer:
CN=Java corporate, O=Java corporate, C=BR

Serial number:
01

File PE Metadata
Compilation timestamp:
3/16/2017 8:10:34 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x69D000

Entry point:
EB, 04, 1B, 84, 10, A0, 50, EB, 03, FE, 1E, E6, E8, 16, 00, 00, 00, EB, 04, A1, 89, 76, 19, EB, 02, 2D, 79, 33, C0, EB, 03, 31, AD, 1A, 71, 61, EB, 01, 3A, EB, 01, 8A, B8, 34, 48, 09, F7, EB, 04, 00, 95, 65, D1, EB, 03, BB, 06, E9, 05, CC, B7, F6, 08, EB, 02, A0, FC, 75, 40, EB, 03, 31, B8, 12, 64, FF, 30, EB, 05, 20, A0, CB, F5, 0E, 64, 89, 20, EB, 04, 32, 1D, BA, 2D, EB, 02, C4, 75, 8B, 10, EB, 02, 0D, 3D, 64, 8F, 00, EB, 04, DC, AD, EB, 71, 83, C4, 04, EB, 01, DA, 58, EB, 05, 08, 99, 8B, 02, C1, C3, EB...
 
[+]

Code size:
2.9 MB (3,010,048 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
07H398DC

Command:
C:\users\{user}\appdata\local\blastersound64bits.exe


Scan blastersound64bits.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.