» shift_pc_na-dvd.exe
Overview
Analysis
File Details
Programs (1)
Downloads (2)

shift_pc_na-dvd.exe

RTPatch

Electronic Arts

This is a setup program which is used to install the application. This is installed with Need for Speed™ SHIFT. The file has been seen being downloaded from www.ranchmetabits.com and multiple other hosts.

File name:

shift_pc_na-dvd.exe

Publisher:

Pocket Soft, Inc. (signed by Electronic Arts)

Product:

RTPatch

Description:

RTPatch Executable

Version:

11.01

MD5:

b145f379acd95ec5c1959e2592a718f3

SHA-1:

3ec2bf46aeb223c369ffcb0b57c080fba67d5dd9

SHA-256:

914fa18383a389c34e58ce7a7227f5a4cfb17804ccbc531d69bcdd2faefae206

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 3:27:10 AM UTC (today)

File size:

134.9 MB (141,490,120 bytes)

Product version:

11.01

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\shift_pc_na-dvd.exe

Digital Signature

Signed by:

Electronic Arts

Authority:

VeriSign, Inc.

Valid from:

9/4/2008 7:00:00 PM

Valid to:

10/4/2011 6:59:59 PM

Subject:

CN=Electronic Arts, OU=Synthetic, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Electronic Arts, L=Redwood City, S=Ca, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6E9B46A4FDC17828C3E7EA71C2BE85FB

File PE Metadata

Compilation timestamp:

7/1/2009 10:41:37 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.55

CTPH (ssdeep):

1572864:03PDWx6ByOitdvJaBwzZwclpt2Fa7n12lG7nwK6C+4kqopup:gBnitfIwlHlptHwl8wlq9p

Entry address:

0x53C5

Entry point:

64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 00, C0, 40, 00, 68, A4, 6C, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 2C, F3, 40, 00, A3, 24, E0, 40, 00, 8A, C4, 25, FF, 00, 00, 00, A3, 30, E0, 40, 00, A1, 24, E0, 40, 00, C1, 2D, 24, E0, 40, 00, 10, 25, FF, 00, 00, 00, A3, 2C, E0, 40, 00, C1, E0, 08, 03, 05, 30, E0, 40, 00, A3, 28, E0, 40, 00, E8, F5, 0B, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, 77, 17, 00, 00, E8, 67, 17, 00, 00, FF, 15, 24, F3, 40, 00, A3, 30, B5... 
[+]

Entropy:

7.8580

Developed / compiled with:

Microsoft Visual C++ v4.2

Code size:

28.5 KB (29,184 bytes)

The file shift_pc_na-dvd.exe has been discovered within the following program.

Need for Speed™ SHIFT by Electronic Arts

Need for Speed: Shift is the 13th installment of the long-running racing video game franchise Need for Speed; published by Electronic Arts. There are 60+ cars which are divided into 4 tiers.

www.electronicarts.cz

4% remove it

The file shift_pc_na-dvd.exe has been seen being distributed by the following 2 URLs.

http://www.ranchmetabits.com/ECQ0aW Ow1mNlju5KFRzQcf4_pSBiupY92_J6Lz3nublID9vp2eFmoUkJwuI_gnDeMdAhqg29qdYqF f0Mxf FE8acnykr7VAvUWrM8QjF2n_VnDaGdtGUVlQrML7POcKBLiXlvobSBzjOP2oFzrcfGyT35dFuyNV hfPSLzYM6lAtv7VfA=-GxEDAGTSzefHoV_A 0bwBpWlh2mgEAwmcsDeFkPMJ7H3xoEna4z8LAJzy9FcjtWRoXHHeyraPVHhFcETn vceGSj3TsOduPMUxwjQcJ82s9J0muZEUnwoOU7K fEcOlw3eJvKvw_mtOQ7EU_zw0C52koHLiJW jfmMvWwnL8USiNYf7Id_h5PPJXVrq8ynbdblrMZ1Rg9lgdhj7UmcpaVHCc26t9 hhb1nEuW4kR4aQ1jzapGXaCvz1WRxayfO_o3mR1ObSceEBr9B4BOLIrpihv8bV5shMaCXr_NEG2ZJKcEBfuexiWLqOcp04PyK5JaIdbiQX8DMpcye2u3 mLRen452eioPHNmM3NAzDY5vOy oQBhojkLeMazqiAHeuqC30pcVYzQjZ0CLGNs4Sk3_EoqoZR5nX8BpYjgmd8Bg0XZ34rhZb7wNqc_WTFvd_HnuSnYKkFmEqk5eY0dOUvFWp9dJMnbec_T9iaOROwGm4rsLeQ7oaCyB4sEUIFqEX0grXSt_Wma7tapppnvoBqhuIvrKBHguMuMHnTuQ_z0aKPtXsg6MtvoiVQ9dhqEyf_RV2JbqdL94JOiFw 5K6CFQ_BD1C 9QTVo6ONPcW8jqYxSt1eGCpy7rdWGV06xDh1hmRovKeCN0QJ8tYhMIUjhTW0fUgiyn7tUUR8oVE8X8Q6Ke518jDt_cC0IguB2usbpVRYdHPqaOOI FfBMY6T_D0Hd dn71OcdOlVRWWBRGeAgIObeFZ7x3EUxk7Kt0AUFK79ro0Y9fyzmwSl2ytgrB

http://akamai.cdn.ea.com/eadownloads/u/f/eagames/.../SHIFT_PC_NA-DVD.exe

Scan shift_pc_na-dvd.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.