rld-ra3k.exe

The application rld-ra3k.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. The file has been seen being downloaded from download2054.mediafire.com and multiple other hosts.
MD5:
58dcccb946605891f9d063f1e0cc16ea

SHA-1:
378e604476e02cf155f193725bd3a28d028d5358

SHA-256:
fb54e28a9ea20132d153fc40faa55c95c8578b5d787dd55dd821031f62e99d6e

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 7:05:15 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Bkav FE | W32.Clod65f.Trojan | 1.3.0.4923 |
| F-Prot | W32/MalwareF.DGYI | v6.4.7.1.166 |
| IKARUS anti.virus | not-a-virus:Keygen.bbc | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.175.10911 |
| Malwarebytes | RiskWare.Tool.HCK | v2014.03.14.03 |
| McAfee | Artemis!60BEB6EE9C05 | 5600.7192 |
| Microsoft Security Essentials | | 1.165.247.01 |
| Quick Heal | HackTool.Keygen (Not a Virus) | 3.14.12.00 |
| Rising Antivirus | PE:Trojan.Win32.Generic.12A81114!313004308 | 23.00.65.14312 |
| Sophos | Troj/Keygen-DM | 4.96 |
| Trend Micro House Call | TROJ_SPNR.08JR11 | 7.2.73 |
| Trend Micro | TROJ_SPNR.08JR11 | 10.465.14 |
| VIPRE Antivirus | Trojan.Win32.Generic | 25664 |
| ViRobot | Backdoor.Win32.Bifrose.69632.S | 2011.4.7.4223 |

File size:
8 KB (8,192 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\electronic arts\red alert 3\rld-ra3k.exe

File PE Metadata
Compilation timestamp:
1/25/2037 7:35:50 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
48:OEPihrMpVXv2pmL3L0Jacr6P0EC4/24kixRr2rV9bq7d1CZsZ2BxJt3G4MgnDuEh:nPixwhjg0ue0hkCZsZ23JtOXy

Entry address:
0x1000

Entry point:
6A, 00, E8, FB, 05, 00, 00, 85, C0, 74, 11, 33, DB, 53, 68, 25, 10, 40, 00, 53, 6A, 65, 50, E8, 34, 06, 00, 00, 61, 6A, 00, E8, E4, 05, 00, 00, C3, C8, 00, 00, 00, 53, 57, 56, 8B, 45, 0C, 83, F8, 10, 74, 25, 3D, 11, 01, 00, 00, 74, 2F, 3D, 10, 01, 00, 00, 74, 3E, 83, 3D, 36, 25, 40, 00, 01, 74, 05, E8, 11, 05, 00, 00, 33, C0, 5E, 5F, 5B, C9, C2, 10, 00, 6A, 00, FF, 75, 08, E8, DB, 05, 00, 00, 5E, 5F, 5B, C9, C2, 10, 00, 8B, 45, 10, 66, 3D, 02, 00, 74, E6, 66, 3D, E9, 03, 75, D7, E8, 2B, 00, 00, 00, EB, D0...
 
Entropy:
2.7473

Code size:
2 KB (2,048 bytes)

The file rld-ra3k.exe has been seen being distributed by the following 9 URLs.

http://download2054.mediafire.com/1xiar4zsrmsg/.../rld-ra3k.exe
