» RivalGaming.dll
Overview
Analysis
File Details
Behaviors (1)

RivalGaming.dll

Gaming Add-on

RivalGaming

The module RivalGaming.dll has been detected as a potentially unwanted program by 32 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘RivalGaming Games’.

File name:

RivalGaming.dll

Publisher:

RivalGaming

Product:

Gaming Add-on

Version:

2.1.0

MD5:

9863df6b1cdea4567c580fd16967e69a

SHA-1:

3d8d00d2787bafa70330fb6f4cb1e7c6b89d8a4d

SHA-256:

ef488b4212c3d85f44e96c8573569da1249ff16f42383a659a4c23418b114288

Scanner detections:

32 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 11:18:50 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.Elzob.14387

5696344

Agnitum Outpost

Adware.EpicGames

7.1.1

AhnLab V3 Security

Adware/Win32.EpicGames

2015.11.28

Avira AntiVirus

ADWARE/Gamevan.8879

8.3.2.4

Arcabit

Trojan.Adware.Graftor.Elzob.D3833

1.0.0.624

avast!

Win32:Gamevance-DY [PUP]

151024-0

AVG

Adware Skodna.Gamevance.QT

2015.0.4460

Bitdefender

Gen:Variant.Adware.Graftor.Elzob.14387

1.0.20.1655

Clam AntiVirus

Win.Adware.Gamevance-108

0.98/21102

Comodo Security

ApplicUnwnt.Win32.AdWare.GameVance.FGJ

23668

Dr.Web

Trojan.Siggen4.36386

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.Elzob.14387

10.0.0.5366

ESET NOD32

Win32/Adware.Gamevance.DB potentially unwanted application

7.0.302.0

F-Prot

W32/RivalGame.A.gen

4.6.5.141

F-Secure

Gen:Variant.Adware.Graftor

5.15.21

G Data

Gen:Variant.Adware.Graftor.Elzob.14387

15.11.25

IKARUS anti.virus

AdWare.GameVance

t3scan.1.9.5.0

K7 AntiVirus

Riskware

13.212.17993

Kaspersky

not-a-virus:AdWare.Win32.EpicGames

15.0.0.562

McAfee

GameVance.gen.be

5600.6568

MicroWorld eScan

Gen:Variant.Adware.Graftor.Elzob.14387

16.0.0.993

NANO AntiVirus

Trojan.Win32.Siggen4.bciuvw

0.30.26.4751

Norman

Gen:Variant.Adware.Graftor.Elzob.14387

07.10.2015 03:16:12

nProtect

Trojan-Clicker/W32.Graftor.115200

15.11.27.01

Qihoo 360 Security

QVM30.1.Malware.Gen

1.0.0.1077

Quick Heal

Adware.EpicGames.A5

11.15.14.00

Rising Antivirus

PE:Malware.EpicGames!6.153 [F]

23.00.65.151125

SUPERAntiSpyware

PUP.Gamevance

9482

Total Defense

Win32/Tnega.JCYUBGC

37.1.62.1

Vba32 AntiVirus

AdWare.EpicGames

3.12.26.4

VIPRE Antivirus

Threat.4150696

45208

Zillya! Antivirus

Adware.EpicGames.Win32.62

2.0.0.2536

File size:

112.5 KB (115,200 bytes)

Product version:

2.1.0

Original file name:

RivalGaming.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\rivalgaming\rivalgaming.dll

File PE Metadata

Compilation timestamp:

11/9/2012 5:29:44 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:E61ZwJmGLVudgcvQ/GhjjHloTiQDEDLEJJlQS5cVK05+8rpi9db:EIZwJmlo/AUxJJlOV/5+Ld

Entry address:

0x7F8B

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 75, 33, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 10, AE, 01, 10, 89, 0D, 0C, AE, 01, 10, 89, 15, 08, AE, 01, 10, 89, 1D, 04, AE, 01, 10, 89, 35, 00, AE, 01, 10, 89, 3D, FC, AD, 01, 10, 66, 8C, 15, 28, AE, 01, 10, 66, 8C, 0D, 1C, AE, 01, 10, 66, 8C, 1D, F8, AD, 01, 10, 66, 8C, 05, F4, AD, 01, 10, 66, 8C, 25, F0, AD, 01, 10, 66, 8C, 2D, EC, AD, 01, 10, 9C, 8F, 05, 20, AE... 
[+]

Entropy:

6.2548

Code size:

70 KB (71,680 bytes)

Internet Explorer BHO

Display name:

RivalGaming Games

CLSID:

{26D675AC-D925-4bbf-A720-62C2AA4A81EB}

Remove RivalGaming.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.