nfsc_patch1.3_euromulti.exe

RTPatch

Pocket Soft, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from s6212.chomikuj.pl and multiple other hosts.
Publisher:
Pocket Soft, Inc.

Product:
RTPatch

Description:
RTPatch Executable

Version:
7.00

MD5:
b9f4ac8e08e88799cb0cd07ed6345581

SHA-1:
273349bc6c03e41c8361e389319eca0f28c33d5a

SHA-256:
b086f808a1eb38cb47a968b8930a0423e7d10b3eb4c3d74404d2cd6e8f08911c

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/26/2024 7:40:43 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.RDM.01!5.7[F1]
23.00.65.151011

Zillya! Antivirus
Adware.BrowseFox.Win32.133980
2.0.0.2496

File size:
14.5 MB (15,224,261 bytes)

Product version:
7.00

Copyright:
(C) Copyright Pocket Soft, Inc., 2002. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
12/3/2002 9:16:44 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.55

CTPH (ssdeep):
196608:PAHGHonmoMoh49rUGZE9Zd+JVYD+Xxo7yvIbGNvBjx2QX3bIse:omInmbo+9FZE0gD+XxtfbIZ

Entry address:
0x1AA5

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 00, 90, 40, 00, 68, 8C, 32, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, FF, 15, 7C, C1, 40, 00, 8A, D4, 8B, C8, 81, E2, FF, 00, 00, 00, 81, E1, FF, 00, 00, 00, C1, E8, 10, 89, 15, AC, AE, 40, 00, 89, 0D, A8, AE, 40, 00, A3, A0, AE, 40, 00, C1, E1, 08, 03, CA, 89, 0D, A4, AE, 40, 00, E8, DD, 16, 00, 00, C7, 45, FC, 00, 00, 00, 00, E8, E3, 15, 00, 00, E8, D3, 15, 00, 00, FF, 15, 78, C1, 40, 00, A3, 3C, 7E, 40, 00, E8, 37, 11, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v4.2

Code size:
22.5 KB (23,040 bytes)

The file nfsc_patch1.3_euromulti.exe has been seen being distributed by the following 4 URLs.

http://s6212.chomikuj.pl/File.aspx?e=fW8mi9feRVyQAz8EiEXE_YPXcUYwzlHcWQGS-S5sA4DbOMo13f42UMC0-w35ysKr5I-kYQlzOQjSc0CXo-mTIJSZnxRALWOZTimIjPZwPLzQwM-Or5xypehXmJXppYwWgDZuQoPDxNy042wvsVyES-dynB0LGVvP18kz0lna_2s&pv=2

Scan nfsc_patch1.3_euromulti.exe - Powered by Reason Core Security