Not sure if I’m using accurate terminology but trying to learn.
Set up a VM playground (Win10) to run an infected exe file.
It appears to be infected with njRAT/Bladabindi.
It won’t launch in a sandbox and cause app misbehavior... probably by design.
It seems the simple choice is to delete the file, but I’m curious what the other options are in situations where the infected file is important.
I want to know if it’s possible to disinfect an executable file back to its virgin state, or to stop identified payloads during launch of the exe?