rldea.dll

The library rldea.dll has been detected as malware by 9 anti-virus scanners. Additionally, the file is typically installed by a number of programs including FIFA 13 version FIFA 13 by SarirGame, Inc. and Fifa 13 Repack V2 999 by El Kinderguapo. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5: d82dbed37a13ac2981ff1f0ee2366bb7
SHA-1: 19b8ca2365a8414b4edc8a06170977f1dfd2ea2e
SHA-256: a2f6bb0a91ab350a2ed93af4fe15d5a3957124c88c852071a1f86517404117e2
Scanner detections: 9 / 68
Status: Malware
Analysis date: 11/5/2024 8:00:57 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.131223 |
| Bkav FE | W32.Clodfbd.Trojan | 1.3.0.4613 |
| ESET NOD32 | Win32/HackTool.Crack.BA potentially unsafe application | 6.3.12010.0 |
| K7 AntiVirus | Hacktool | 13.175.10750 |
| McAfee | Artemis!D82DBED37A13 | 5600.7272 |
| Microsoft Security Essentials | VirTool:Win32/Obfuscator.XZ | 1.165.247.01 |
| Norman | Suspicious_Gen4.DCNJF | 11.20131223 |
| Sophos | Generic PUA BJ | 4.96 |
| VIPRE Antivirus | Trojan.Win32.Generic | 25158 |

File size: 134.5 KB (137,728 bytes)
File type: Dynamic link library (Win32 DLL)
Common path: C:\users\{user}\downloads\rldea.dll

File PE Metadata

Compilation timestamp: 10/7/2012 5:53:26 PM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 10.0
CTPH (ssdeep): 3072:h77KtmKoxNMCyxvSZGd7VXgxDppqZ2ucosILWbAlBHu:1KtmKooPSZGfQ5pIQucosYWkl4
Entry address: 0x1C40
Entry point:
B8, 01, 00, 00, 00, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 33, C9, 33, D2, 33, FF, 39, 4D, 0C, 76, 2F, 53, FE, C1, 0F, B6, C9, 8A, 1C, 31, 47, 8D, 04, 1A, 0F, B6, D0, 8A, 04, 32, 88, 04, 31, 02, C3, 0F, B6, C0, 88, 1C, 32, 0F, B6, 1C, 30, 8B, 45, 08, 30, 5C, 07, FF, 3B, 7D, 0C, 72, D3, 5B, 5F, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, E9, 6F, EB, 01, 00, 86, C8, 9F, 66, 8B, 45, 00, D2, C9, 8A, 4D, 02, 9C, F6, C6, 85, 66, 0F, BA, E4, 06, 8D, 64, 24, 04, 0F, 81...
 

Entropy: 7.2853
Code size: 5 KB (5,120 bytes)

The file rldea.dll has been discovered within the following programs.

| Program | Publisher | Website | Removal rate |
|---|---|---|---|
| Doorways | Saibot Studios | www.doorwaysgame.com | About 1% of users remove it |
| Fifa 13 Repack V2 999 | El Kinderguapo | duque.16mb.com | About 1% of users remove it |
| FIFA 13 version FIFA 13 | SarirGame, Inc. | www.sarirgame.ir | About 2% of users remove it |
| FIFA 2013 Ligue Bartar | E.A Sports | www.E.ASports.com | About 5% of users remove it |
 

The file rldea.dll has been seen being distributed by the following 17 URLs.

