DAOrigins.exe

Dragon Age: Origins

BioWare

This is a setup program which is used to install the application. The file has been seen being downloaded from s10140.chomikuj.pl.
Publisher:
BioWare  (signed and verified)

Product:
Dragon Age: Origins

Version:
1.0.9353.0

MD5:
5db9faa9ffac813d7788a8575d2ad45a

SHA-1:
333f9b54f93a58ebd68d4f967e52e64365ef6521

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 2:59:14 AM UTC  (today)

File size:
9.5 MB (9,909,480 bytes)

Product version:
1.0.9353.0

Copyright:
© 2009 EA International (Studio and Publishing) Ltd.

Original file name:
DAOrigins.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/28/2008 2:00:00 AM

Valid to:
4/29/2011 1:59:59 AM

Subject:
CN=BioWare, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BioWare, L=Edmonton, S=Alberta, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
288D4648F06AB22B37F668A22FC2665D

File PE Metadata
Compilation timestamp:
9/17/2009 5:15:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:8dQ728k9T0tic1+W9CZrHlEEHOe6JtCrl7a:Ml9oic1+WUZrH2EHcJOW

Entry address:
0x4AF3D4

Entry point:
E8, DB, 0B, 00, 00, E9, 35, FD, FF, FF, FF, 25, 58, 32, AA, 00, FF, 25, 5C, 32, AA, 00, CC, CC, CC, CC, CC, CC, 83, 3D, F0, 74, C0, 00, 00, 74, 2D, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24, F2, 0F, 2C, 04, 24, C9, C3, 83, 3D, F0, 74, C0, 00, 00, 74, 11, 83, EC, 04, D9, 3C, 24, 58, 66, 83, E0, 7F, 66, 83, F8, 7F, 74, D3, 55, 8B, EC, 83, EC, 20, 83, E4, F0, D9, C0, D9, 54, 24, 18, DF, 7C, 24, 10, DF, 6C, 24, 10, 8B, 54, 24, 18, 8B, 44, 24, 10, 85, C0, 74, 3C, DE, E9, 85, D2, 79, 1E, D9, 1C, 24, 8B, 0C...
 
[+]

Code size:
6.6 MB (6,955,008 bytes)

Windows Firewall Allowed Program
Name:
F:\MoreGames\Dragon Age\bin_ship\daorigins.exe


The file DAOrigins.exe has been seen being distributed by the following URL.

Scan DAOrigins.exe - Powered by Reason Core Security