tjd3frhl.dll

R2beat Launcher

Take-Two Interactive Software, Inc.

It is set to execute automatically when any user logs into Windows (through the local user run registry setting), under the name ‘Tjd3FRhl’.

Publisher:
Neowiz co. (signed by Take-Two Interactive Software, Inc.)

Product:
R2beat Launcher

Version:
37, 0, 0, 0

MD5:
50493d3429429cd476fcf8e3acb920a4

SHA-1:
5c8c706305c7a788a070c925ce78a5ff5a5a44f7

SHA-256:
073f9a208b2df52b382dcc86baa46736870ff7d3d3ccff6fcbeac295f2f49003

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/19/2024 11:51:45 PM UTC

File size:
81.6 KB (83,576 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2005

Original file name:
chn_launcher.exe

File type:
Dynamic link library (Win32 DLL)

Digital Signature
Authority:
Entrust, Inc.

Valid from:
5/5/2012 7:56:22 AM

Valid to:
5/5/2013 9:03:42 PM

Subject:
CN="Take-Two Interactive Software, Inc.", O="Take-Two Interactive Software, Inc.", L=New York, S=New York, C=US

Issuer:
CN=Entrust Code Signing Certification Authority - L1D, OU="(c) 2009 Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, O="Entrust, Inc.", C=US

Serial number:
4C17180A

File PE Metadata
Compilation timestamp:
4/23/2015 4:00:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:ZdjAmQu/46Rnf+EORfkDqnFA1vhFa19aus1ugbW0yOX2AtAEpvrRYD:LvxA0nuFbnFq89d0J2+5pvrKD

Entry address:
0xD350

Entry point:
B8, FC, 39, 04, 10, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 64, AD, 37, 24, 43, 62, 99, BE, 39, D1, 3A, E5, CF, DF, 87, D5, 47, 43, 5B, 87, 35, C4, A4, 7C, CD, A0, 47, CC, 31, BC, 89, 0B, 52, A3, 9B, 69, 54, 86, 28, B2, 54, 40, 82, 76, C1, D6, 4D, 06, 28, 97, D2, CC, 77, 76, E6, 73, 23, 3A, 5E, 66, EC, 40, 1E, E1, 37, 25, 8F, 94, 1B, A7, 89, 37, C8, F2, 13, 9B, B0, 5A, 45, EB, 43, 11, E4, 79, 24, 5A, 7A, 1A, D6, 31, 1C, C5, A0...
 
Entropy:
7.9044

Packer / compiler:
PECompact v2

Code size:
60 KB (61,440 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Tjd3FRhl

Command:
rundll32.exe C:\zdjxzf\tjd3frhl.dll,pionbin

