» rld-sim3.exe
Overview
Analysis
File Details
Downloads (24)

rld-sim3.exe

The application rld-sim3.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from api.asm.skype.com and multiple other hosts.

File name:

rld-sim3.exe

MD5:

42173a315cd5cb97ee2bdb1269c8f683

SHA-1:

f24f624c0a6c79ce53811770bab33a5ba4ba7569

SHA-256:

e45712f3e4d712b3281a799b056fd5b0acab659bf539aeb515b6971f6c6abf78

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/29/2024 5:53:01 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.Clod65f.Trojan

1.3.0.4923

F-Prot

W32/MalwareF.DGYI

v6.4.7.1.166

IKARUS anti.virus

not-a-virus:Keygen.bbc

t3scan.2.2.29

K7 AntiVirus

Riskware

13.175.10911

Malwarebytes

RiskWare.Tool.HCK

v2014.04.05.02

McAfee

Artemis!60BEB6EE9C05

5600.7170

Microsoft Security Essentials

HackTool:Win32/Keygen

1.165.247.01

Quick Heal

HackTool.Keygen (Not a Virus)

4.14.12.00

Rising Antivirus

PE:Trojan.Win32.Generic.12A81114!313004308

23.00.65.14403

Sophos

Troj/Keygen-DM

4.96

Trend Micro House Call

TROJ_SPNR.08JR11

7.2.95

Trend Micro

TROJ_SPNR.08JR11

10.465.05

VIPRE Antivirus

Trojan.Win32.Generic

25664

ViRobot

Backdoor.Win32.Bifrose.69632.S

2011.4.7.4223

File size:

8 KB (8,192 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\electronic arts\the sims 3\game\bin\rld-sim3.exe

File PE Metadata

Compilation timestamp:

1/25/2037 1:35:50 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

48:OEPihrMpVXv2pmL3L0Jacr6P0EC4/24kixRr2rV9bqNd1KZsZ2BxJt3G4MgnDuEh:nPixwhjg0ue0haKZsZ23JtOXy

Entry address:

0x1000

Entry point:

6A, 00, E8, FB, 05, 00, 00, 85, C0, 74, 11, 33, DB, 53, 68, 25, 10, 40, 00, 53, 6A, 65, 50, E8, 34, 06, 00, 00, 61, 6A, 00, E8, E4, 05, 00, 00, C3, C8, 00, 00, 00, 53, 57, 56, 8B, 45, 0C, 83, F8, 10, 74, 25, 3D, 11, 01, 00, 00, 74, 2F, 3D, 10, 01, 00, 00, 74, 3E, 83, 3D, 36, 25, 40, 00, 01, 74, 05, E8, 11, 05, 00, 00, 33, C0, 5E, 5F, 5B, C9, C2, 10, 00, 6A, 00, FF, 75, 08, E8, DB, 05, 00, 00, 5E, 5F, 5B, C9, C2, 10, 00, 8B, 45, 10, 66, 3D, 02, 00, 74, E6, 66, 3D, E9, 03, 75, D7, E8, 2B, 00, 00, 00, EB, D0... 
[+]

Code size:

2 KB (2,048 bytes)

The file rld-sim3.exe has been seen being distributed by the following 24 URLs.

https://api.asm.skype.com/v1/objects/0-eus-d4-8f44068a05244ebe0f98afbd52748d8f/.../original

http://fileshare1180.dfiles.eu/auth-14593373600d009b5054abc35832880a-86.199.161.97-2516205735-154789494-guest/.../rld-sim3.exe

http://fileshare1180.dfiles.eu/auth-147915010149c44858ec7411361d0ade-92.90.125.68-38882660-154789494-guest/.../rld-sim3.exe

http://dl.dropbox.com/u/35961490/.../rld-sim3.exe

http://fileshare1180.dfiles.eu/auth-1477085788e8825fe7ceb66062d4c227-195.132.63.242-17631267-154789494-guest/.../rld-sim3.exe

http://es.originaldll.com/.../22917.exe

http://fileshare1180.dfiles.eu/auth-14753308244263b2f29dda217b689770-109.221.121.166-2698401874-154789494-guest/.../rld-sim3.exe

http://fileshare1180.dfiles.eu/auth-148095734815fd6577b1816caf9587c1-2.5.37.40-56659770-154789494-guest/.../rld-sim3.exe

https://docs.google.com/uc?authuser=0&id=0B_O4bXyrurn8RWRyNk5KVThyRVU&export=download

http://fileshare1180.dfiles.eu/auth-14801752543cc388386de559626c0e17-88.167.23.243-49050068-154789494-guest/.../rld-sim3.exe

https://dl.dropboxusercontent.com/u/.../games/rld-sim3.exe

http://www36.zippyshare.com/d/3631230/.../sim3-keygen.exe

http://fileshare1180.dfiles.eu/auth-1468520156b0c46a014cfad0364f49f8-109.89.254.73-2621355447-154789494-guest/.../rld-sim3.exe

http://fileshare1180.dfiles.eu/auth-146690351787bd4150e8abdcbbd2d52f-176.155.98.179-2604517661-154789494-guest/.../rld-sim3.exe

http://fileshare1180.dfiles.eu/auth-1467156797786af39f6cff963efed70c-93.16.116.177-2607269991-154789494-guest/.../rld-sim3.exe

about:internet

http://fileshare1180.dfiles.eu/auth-1466935697d521abd1ffe03c6a61af27-176.184.17.116-2604831673-154789494-guest/.../rld-sim3.exe

http://fileshare1180.dfiles.eu/auth-1462362230679e6ed972234775180b7f-83.153.81.135-2552907440-154789494-guest/.../rld-sim3.exe

temp:rld-sim3.exe

http://originaldll.com/.../22917.exe

http://www36.zippyshare.com/d/3631230/.../sim3-keygen.exe

http://vsepro100.ucoz.ru/.../1248791569_rld-sim3.exe

Remove rld-sim3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.