196000b96715c129748433e7b239eb3e.exe

Origin

Electronic Arts, Inc.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with Origin. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.
Publisher:
Electronic Arts, Inc.  (signed and verified)

Product:
Origin

Version:
9.4.7.2799

MD5:
196000b96715c129748433e7b239eb3e

SHA-1:
811f4d93a71cebcf0789e95644033017f2098cb3

SHA-256:
d2a4739ea4806b865ccadd0d9af3b57bfe16e6c2e45610fde4deabcb55ac473f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:45:07 PM UTC  (today)

File size:
16.2 MB (17,009,768 bytes)

Copyright:
Electronic Arts, Inc © 2011

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\196000b96715c129748433e7b239eb3e.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/13/2013 8:00:00 PM

Valid to:
7/20/2015 7:59:59 PM

Subject:
CN="Electronic Arts, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=EAC, O="Electronic Arts, Inc.", L=Burnaby, S=British Columbia, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
07FF4C1AAFDB3BA86CDBCB8B36AD8E2E

File PE Metadata
Compilation timestamp:
2/1/2012 12:12:42 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:kY+4RmNA8lNOgCtTvrACahClnc3lDUwScDJ6:kY+48kTAMYDo

Entry address:
0x33E2

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 88, 85, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 55, FF, 15, B4, 82, 40, 00, 6A, 08, A3, D8, B5, 42, 00, E8, 4B, 29, 00, 00, 55, 68, B4, 02, 00, 00, A3, E0, B4, 42, 00, 8D, 44, 24, 38, 50, 55, 68, 84, 85, 40, 00, FF, 15, 84, 81, 40, 00, 68, 6C, 85, 40, 00, 68, E0, A4, 42, 00, E8, 1B, 28, 00, 00, FF, 15, B0, 80, 40, 00, 50, BB, 00, 60, 43, 00, 53, E8, 09, 28, 00, 00...
 
[+]

Entropy:
7.9997

Packer / compiler:
Nullsoft install system v2.x

Code size:
25.5 KB (26,112 bytes)

The file 196000b96715c129748433e7b239eb3e.exe has been discovered within the following program.

Origin  by Electronic Arts
Origin (EA Store) is a digital distribution, digital rights management system from Electronic Arts that allows users to purchase games on the internet for PC and mobile platforms, and download them with the Origin client (formerly EA Download Manager).
www.ea.com
24% remove it
 
Powered by Should I Remove It?

The file 196000b96715c129748433e7b239eb3e.exe has been seen being distributed by the following 15 URLs.

http://lb.cdn.m6web.fr/d/c/a/79c84a59f7c07aad3d63f74fddd6724f/5395dd49/soft/.../origin_9-4-7-2799_fr_401708.exe

Scan 196000b96715c129748433e7b239eb3e.exe - Powered by Reason Core Security