» gsrld.dll
Overview
Analysis
File Details
Downloads (5)

gsrld.dll

The library gsrld.dll has been detected as malware by 16 anti-virus scanners. The file has been seen being downloaded from s7024.chomikuj.pl and multiple other hosts.

File name:

gsrld.dll

MD5:

60bc8b6000afaec96398c7be56eddbe3

SHA-1:

886e36c6f04f391e2e90a05f73c8ec05e0a61a3e

SHA-256:

e810d293a9a3fb66b67d6be232c3e131a825a4ccd86dfd8fafa567a8d162fa65

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

1/9/2025 7:50:31 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.VMProtect

7.1.1

Avira AntiVirus

TR/Obfuscate.XZ.9793

7.11.133.78

Baidu Antivirus

Trojan.Win32.VMProtect

4.0.3.14224

Dr.Web

Trojan.MulDrop5.133

9.0.1.05190

ESET NOD32

Win32/HackTool.Crack.CZ potentially unsafe application

8.0.319.0

Fortinet FortiGate

W32/Generic

2/24/2014

IKARUS anti.virus

Win32.Trojan

t3scan.2.2.29

McAfee

Generic.dx!60BC8B6000AF

5600.7210

NANO AntiVirus

Trojan.Win32.Thed.baxnqp

0.28.0.57630

Norman

Suspicious_Gen4.BKLZO

11.20140224

Panda Antivirus

Trj/Thed.W

14.02.24.06

Rising Antivirus

PE:Trojan.Win32.Generic.135C6DB2!324824498

23.00.65.14222

Sophos

Mal/Generic-S

4.97

Trend Micro House Call

TROJ_SPNR.0BJ713

7.2.55

Trend Micro

TROJ_SPNR.0BJ713

10.465.24

VIPRE Antivirus

Trojan.Win32.Generic

26760

File size:

154.5 KB (158,208 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\rockstar games\max payne 3\gsrld.dll

File PE Metadata

Compilation timestamp:

6/1/2012 1:27:18 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:MFgESaej87GQ5kimQT8QbS3tpQioyTBZcQvOZRzcantvg/+:iWL87F5jTnO9qOBZLScKtu

Entry address:

0x1A10

Entry point:

B8, 01, 00, 00, 00, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, E9, 15, 26, 02, 00, 66, 98, F8, F9, 98, 83, EC, C0, 0F, 8B, 30, E6, 00, 00, 83, ED, 04, 53, E8, 94, 66, 01, 00, 66, 0F, BA, E2, 0A, FF, 75, 00, 9C, 66, 0F, A3, DD, 68, AA, 3C, 4D, 0D, 83, C5, 04, F8, 60, FF, 74, 24, 28, 9D, 9C, 51, 8D, 64, 24, 34, E9, A6, 3C, 01, 00, D0, E8, C0, EA, 02, 66, 0F, AB, C8, C0, EA, 02, 8B, 45, 00, B2, DD, 8A, 55, 04, E9, AC, 03, 01, 00, 60, 9C, 89, 44, 24, 24, 68, 67, 64, FC, 08, E8, 2F, 7A, 00, 00, 83, ED, 04, C6... 
[+]

Entropy:

7.3015

Code size:

7 KB (7,168 bytes)

The file gsrld.dll has been seen being distributed by the following 5 URLs.

http://s7024.chomikuj.pl/File.aspx?e=uXFzvXsFVY8B2MVUuAFfTxZnY1rj9-WP5M_bDl0tloV8JVzPcohGveqo234_N7ldcph6NrnKbbdT354wytNhDdcwnyaNq2buYceoOxyj9FiDRqOAK4XlWqYyHeTc39OdS4azXy-c8R7VHO1_RNILcA&pv=2

http://s7024.chomikuj.pl/File.aspx?e=uXFzvXsFVY8B2MVUuAFfT7E-EAtE_4AKWrWrg-Fbp3t1a1OiLCbTQKI0VvuKAMEWjk5ozNj8ASuSG0fqwEO6rIELTXc8GWUr84VV8Q8dRB8TpPOnTjsus2rqZUBCiyRKBDDLxO4a4jb4B40pknhS1g&pv=2

http://s7024.chomikuj.pl/File.aspx?e=uXFzvXsFVY8B2MVUuAFfT7E-EAtE_4AKWrWrg-Fbp3sO1yt2UES6bDuoufRsFlpk6C0Cqws_qmfMMik6xwJSxbdvDb3tHi8-U-YizqPVR8P-B8LuJFJCHYE1_k0QEtHzniFbuuP9KxWm2vMmBK95HQ&pv=2

http://s10587.chomikuj.pl/File.aspx?e=uXFzvXsFVY8B2MVUuAFfT7E-EAtE_4AKWrWrg-Fbp3vd6soT5LhTAoOCH6MChiSmqF9uo9UDRMrDw57pkqu1UNVXQlh927THA7eb-GG7niEcmyNhQYy9F5si6il2Xb4KOaZqcv4vf9bdW4eu-UDo-w&pv=2

about:internet

Remove gsrld.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.