msrtm.dll

Microsoft

The library msrtm.dll has been detected as malware by 3 anti-virus scanners.
Product:
Microsoft

Version:
1, 0, 0, 1

MD5:
52cf880d7f4344c2988c4d69460adaab

SHA-1:
6178983d4549134f0dd893f2cbffd578d2d8eb90

SHA-256:
a4548cd990b1fe7b9eead5804b9bb8003dfe2e2bd42104678df05579ba463d71

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/27/2024 4:05:49 AM UTC

Scan engine        Detection                                Engine version
Baidu Antivirus    Trojan.Win32.Keydo                       4.0.3.141121
ESET NOD32         Win32/TrojanDownloader.Keydo.A trojan    7.0.302.0
Malwarebytes       Trojan.Downloader                        v2014.11.21.09

File size:
280 KB (286,720 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2013

Original file name:
Microsoft

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\common files\system\ado\msrtm.dll

File PE Metadata
Compilation timestamp:
11/13/2014 7:31:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:zmVMep+tApj/pH7O5kyMDdS0zfEeftyqg:SVMexpNO5nmdbtfo7

Entry address:
0x2340

Entry point:
FF, 74, 24, 0C, FF, 74, 24, 0C, FF, 74, 24, 0C, E8, 0F, 00, 00, 00, C2, 0C, 00, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, B8, 01, 00, 00, 00, C2, 0C, 00, 90, 90, 90, 90, 90, 90, 90, 90, A1, A8, 72, 03, 10, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, B8, A8, 74, 03, 10, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 56, 8B, F1, 6A, 00, E8, 66, 26, 00, 00, C7, 06, E0, 74, 03, 10, 8B, C6, 5E, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 56, 8B, F1, E8, 18, 00, 00, 00, F6, 44, 24, 08, 01, 74, 09, 56...
 

Entropy:
6.3976

Code size:
216 KB (221,184 bytes)
