rld.dll

The module rld.dll has been detected as a potentially unwanted program by 18 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Pro Evolution Soccer 2014 version Pro Evolution Soccer 2014 by SarirGame, Inc. and BOSS by BOSS Development Team. The file has been seen being downloaded from download1215.mediafire.com and multiple other hosts.
MD5:
c21c2c8532c84eda08284a929fb0a149

SHA-1:
7adfee068f555a9be6276b7376e6acf47a49a1e5

SHA-256:
c8207a78ef2bb104f78daa159fc5ac1986ca812621596ca7c67c0f9773efa1e0

Scanner detections:
18 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 3:40:30 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Trojan/Win32.Agent
2013.12.25

avast!
Win32:PatchDll-A [PUP]
2014.9-131224

Baidu Antivirus
Trojan.Win32.Agent
4.0.3.131224

Bkav FE
W32.Clod8a4.Trojan
1.3.0.4613

Comodo Security
UnclassifiedMalware
17491

ESET NOD32
Win32/Packed.VMProtect.AAH (variant)
8.9190

Fortinet FortiGate
W32/Generic
1/1/2014

K7 AntiVirus
Riskware
13.174.10623

McAfee
Artemis!C21C2C8532C8
5600.7271

Microsoft Security Essentials
VirTool:Win32/Obfuscator.XZ
1.165.247.01

Norman
Troj_Generic.PJNTO
11.20131224

Panda Antivirus
Trj/Thed.W
14.01.01.10

Reason Heuristics
Threat.Win.Reputation.IMP
14.4.9.0

Sophos
Mal/Generic-S
4.96

Trend Micro House Call
TROJ_SPNR.0CJD13
7.2.358

Trend Micro
TROJ_SPNR.0CJD13
10.465.24

VIPRE Antivirus
Trojan.Win32.Generic
24710

ViRobot
Trojan.Win32.S.Agent.453120.B
2011.4.7.4223

File size:
442.5 KB (453,120 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\rld.dll

File PE Metadata
Compilation timestamp:
5/7/2013 5:22:26 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:4z18gckXWT1IW25c1EsKWgKQye1a/5ddxp2Jqz3Y7R:4z11hmTp25rMQy7/5Hxaqz3O

Entry address:
0xD840

Entry point:
B8, 01, 00, 00, 00, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, E9, 8C, 23, 04, 00, 60, 66, 0F, B6, D0, 0F, B6, D3, 87, 5C, 24, 20, 66, 0F, BE, D3, 9C, 66, F7, D2, 66, 0F, B6, D9, 87, 7C, 24, 20, 8D, 9D, D8, F0, 95, 04, 0F, 92, C2, 89, 74, 24, 1C, 68, 66, EF, 75, E6, 89, 6C, 24, 1C, 66, 0F, CF, 0F, 96, C3, 66, F7, D3, 89, 74, 24, 18, 0F, 96, C7, 9C, 0F, B6, F0, 89, 44, 24, 18, 8D, 64, 24, 18, 52, 66, 0F, CA, 66, 87, D5, 66, 89, 14, 24, F3, 9C, 8F, 04, 24, 66, C1, CE, 02, 66, F7, D6, 0F, BA, EE, 15, 0F, 8A...
 
[+]

Entropy:
7.7158  (probably packed)

Code size:
64 KB (65,536 bytes)

The file rld.dll has been discovered within the following programs.

BOSS  by BOSS Development Team
A plugin load order optimiser for TES III: Morrowind, TES IV: Oblivion, Nehrim - At Fate's Edge, TES V: Skyrim, Fallout 3 and Fallout: New Vegas.
better-oblivion-sorting-software.googlecode.com
About 1% of users remove it
www.pes-serbia.com
About 5% of users remove it
www.sarirgame.ir
About 1% of users remove it
 
Powered by Should I Remove It?

The file rld.dll has been seen being distributed by the following 10 URLs.

http://download1215.mediafire.com/8l040ft18gvg/.../rld.dll

https://mega.nz/temporary/.../09lWjICS

blob:F5A59028-046E-499A-901D-7DC83B124E07

https://mega.nz/temporary/.../3M1QlALL

https://dl-web.dropbox.com/get/.../rld.dll?w=AABcdPPT8X4K9Ss3-7D2hmSe5RiFSB-NM3QAChwzbc1v9Q&dl=1&_subject_uid=159466501

http://s6307.chomikuj.pl/File.aspx?e=za8UluTQrlI_wjIVNq_OUK0S_4VzcEagHYvaZHjp4hDHB2cC_lAZhMa_SBbUQkl5yeI2ZufKghv5NdwMreUlbzcbdxQAzJYraKAzDVNX9ValK8wH2PnS75GEFxciU2R1&pv=2

about:internet

Remove rld.dll - Powered by Reason Core Security