rld.dll

The module rld.dll has been detected as a potentially unwanted program by 10 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Lige 91-92 version Lige 91-92 by SarirGame, Inc. and Jelen Super Liga Patch by PES-Factory version v1 by PES-Factory. The file has been seen being downloaded from www71.zippyshare.com and multiple other hosts.
MD5:
406659743a5c8ea477e9b101817fc9ba

SHA-1:
dfa2d94780339523d9b6a9745ddfa9f9bec2137f

SHA-256:
b3ea502d7b7a6d596f40e6a7fcd1e2ebea902e5fad8e47ef49ff697c5d52acd9

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:38:58 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:PatchDll-A [PUP]
2014.9-131223

Baidu Antivirus
Trojan.Win32.Agent
4.0.3.131223

Bkav FE
W32.Clod52d.Trojan
1.3.0.4613

ESET NOD32
Win32/HackTool.Crack.BB
7.9252

K7 AntiVirus
Hacktool
13.175.10735

McAfee
Artemis!406659743A5C
5600.7272

Microsoft Security Essentials
VirTool:Win32/Obfuscator.XZ
1.165.247.01

Norman
Suspicious_Gen4.DGARC
11.20131223

Sophos
Generic PUA NP
4.96

VIPRE Antivirus
Trojan.Win32.Generic
25104

File size:
367 KB (375,808 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\rld.dll

File PE Metadata
Compilation timestamp:
8/17/2012 12:36:34 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:0q/YCrWCdWTBywRUrau0dSqZ4u1FZN6ZaB3SXElxOtdQsANVjK07QQs:h/hWCdWTMwioSqG8pcM3SXEqAHpEQ

Entry address:
0xA380

Entry point:
B8, 01, 00, 00, 00, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, E9, 49, D6, 04, 00, 88, 0C, 24, 60, F3, A4, F5, 8B, 7C, 24, 30, 66, 89, 04, 24, 66, FF, C6, 66, D3, FE, F7, DE, 8B, 74, 24, 34, FD, FF, 74, 24, 38, 9D, 66, C7, 44, 24, 0C, A9, FB, FF, 74, 24, 04, 9C, 8D, 64, 24, 44, E9, 24, 84, 01, 00, 87, 74, 24, 10, 68, B7, 9F, 2C, D1, 66, 0F, CE, FF, 34, 24, 8D, 64, 24, 18, 54, 8D, B1, 29, 6E, 4B, 57, 66, 0F, CE, 66, 89, EE, F3, 9C, 9C, 66, 0F, CE, 89, 0C, 24, 66, 0F, CE, 66, D3, C6, 66, 81, EE, 58, 8D, FF...
 
[+]

Entropy:
7.6442

Code size:
51 KB (52,224 bytes)

The file rld.dll has been discovered within the following programs.

www.sarirgame.ir
About 9% of users remove it
About 9% of users remove it
www.pes-factory.com
About 1% of users remove it
Lige 91-92 version Lige 91-92  by SarirGame, Inc.
About 9% of users remove it
PES 2013 AFC  by NewTech Infosystems
www.NewTech.com
About 7% of users remove it
PES 2013 IPL  by NewTech Infosystems
www.newtech.ws
About 2% of users remove it
PGL 91-92 version PGL 91-92  by AsreBazi, Inc.
PGL 91-92 version PGL 91-92 is a PC video game distributed by AsreBazi, an Iranian video game portal, with permission from the National Foundation for Computer Games. The game contains various Farsi translations.
www.asrebazi.com
About 7% of users remove it
This is a repack of the orignal game.
www.vvalworld.com
About 2% of users remove it
About 1% of users remove it
 
Powered by Should I Remove It?

The file rld.dll has been seen being distributed by the following 10 URLs.

http://www71.zippyshare.com/d/36035484/.../rld.dll

Remove rld.dll - Powered by Reason Core Security