home

shift2.dll

MD5:
7f75004636e783494ad38303e4824c35

SHA-1:
d3ee12cec05ed63700ddf37a53b9d5586642143e

SHA-256:
6001b2cbaf947498ece8467a4c4290eb0761d0bd7b97f2c0e365fc31afca2b3a

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/25/2024 12:41:11 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clod351.Trojan
1.3.0.4959

McAfee
Generic.dx!7F75004636E7
5600.7186

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_SPNR.24BB13
7.2.78

Trend Micro
TROJ_SPNR.24BB13
10.465.19

VIPRE Antivirus
Trojan.Win32.Generic
27352

File size:
90 KB (92,160 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Program Files\electronic arts\shift 2 unleashed\shift2.dll

File PE Metadata
Compilation timestamp:
3/29/2011 8:32:01 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:dpFMkyv50l52DrCdpmk17OI11Yk1Ef8hMockbJQM2chbD8+EnDSir7IFRM0afU7:dI/5XPCdplt7iGckbKtcB8hm5raM7

Entry address:
0x16EA0

Entry point:
55, 8B, EC, 8B, 45, 0C, 48, 75, 05, E8, C2, FE, FF, FF, B8, 01, 00, 00, 00, 5D, C2, 0C, 00, CC, E0, 6E, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 6F, 01, 00, 00, 10, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FC, 6E, 01, 00, EC, 6E, 01, 00, 00, 00, 00, 00, E9, 04, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 00, 15, 02, 47, 65, 74, 4D, 6F, 64, 75, 6C, 65, 48, 61, 6E, 64, 6C, 65, 41, 00, 00, 4B, 45, 52, 4E, 45, 4C, 33, 32, 2E, 64, 6C, 6C, 00, 00, 00, 00...
 
[+]

Entropy:
7.7388

Developed / compiled with:
Microsoft Visual C++

Code size:
88 KB (90,112 bytes)

The file shift2.dll has been discovered within the following programs.

Need For Speed SHIFT 2  by Electronic Arts
Need For Speed SHIFT 2 is a video game distributed through EA's Origin digital distribution and digital rights management content delivery system.
www.ea.com
10% remove it
SHIFT 2 UNLEASHED version SHIFT 2 UNLEASHED  by SarirGame, Inc.
www.sarirgame.ir
About 6% of users remove it
The Sims 3 (7 in 1) English Edition  by Electronic Arts
The Sims 3 (7 in 1) English Edition is a video game distributed through EA's Origin digital distribution and digital rights management content delivery system.
www.thesims3.com
6% remove it
 
Powered by Should I Remove It?

The file shift2.dll has been seen being distributed by the following 3 URLs.

http://s10446.chomikuj.pl/File.aspx?e=Wp3plYTJXvxzyvzjiQggWTlH9bu30FEpICrIl-f7y72ftjGKCzAmvAYiplhCe1BoBt5VrZNgWuK_7TC2JiG29h2ii9PNt0H4Oaad--P_AAblrMSJwJ9srzKZA0Ml3bRRlX691F48KdJIQHO9jtPtiA&pv=2

http://s6882.chomikuj.pl/File.aspx?e=Wp3plYTJXvxzyvzjiQggWTlH9bu30FEpICrIl-f7y712-i0R4XNNGNoTNYcx8c__19duEOOEFWsIHVeHXbCg_qN4a7Zv0UTYWi72Ahsd0k-jaU6UDlQsudz1yWBAZh6D5zvE3qj7HASILzG7abBLeA&pv=2

http://s10446.chomikuj.pl/File.aspx?e=Wp3plYTJXvxzyvzjiQggWTlH9bu30FEpICrIl-f7y71J5_qNWlXvtinglfXTrUt41x7Tnkc1ohV0X3T6gcIpF1unVDTjF5EQjHrfinuXA-1s_15dt4g5KEUUlLg85nJDyGnqzmJcWvcrnwtPL6bRCg&pv=2

Scan shift2.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.