dragonage2demo_f93m2qcj_enesitplru.exe

Dragon Age II Demo

BioWare

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
BioWare  (signed and verified)

Product:
Dragon Age II Demo

Description:
Dragon Age II Demo Installer

Version:
1.00.500.7

MD5:
020bb0a659adbc8ca41103c2acba9855

SHA-1:
a94715cd7943533a3cf1d84d40e667b04e1abc2e

SHA-256:
4a7970b14483e9c3ebd5b906f42fb04e8d04545c76f2e3bd04f1b6182df746da

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 9:46:15 PM UTC  (today)

File size:
1.9 GB (2,022,029,712 bytes)

Copyright:
© 2011 EA International (Studio and Publishing) Ltd.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\dragonage2demo_f93m2qcj_enesitplru.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/28/2008 2:00:00 AM

Valid to:
4/29/2011 1:59:59 AM

Subject:
CN=BioWare, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BioWare, L=Edmonton, S=Alberta, C=CA

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
288D4648F06AB22B37F668A22FC2665D

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
50331648:nV6s68bdYnBTiaI7tFWKokNdDeEZWtMYyvpIDHGEsyOcu7T2d:rchiamAaFwHXhl0Tw

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file dragonage2demo_f93m2qcj_enesitplru.exe has been seen being distributed by the following 9 URLs.

http://dw.uptodown.com/dwn/51AE8wZ9qqY8-MoT9bUNQYVsAEYMaByITVqpMNLsON5mfVz9rBkxGNLQ05i27WmVRpT0db4u6cq0KJUHhrq_YOQEKrXh96eKJBW3fBDnGR-kqsl_-V_sjeoWFNfpJwKr/38_ceDGtUP9FQyVXjNzMceRubVYOx0atrz322p4c-9ILR7slERawpnGZOx4pUsB0_ww9dqhSYtIoTO1S1Q8Ht9VbDcnz2u0YD--zxIjWslc6h8Y3IPjavQHoKpzR2Ph8/.../

https://dw.uptodown.com/dwn/MAgsl6Ou79ULe3ZYd1ts85kfVpJkTtikXZArGytobr3ZGskY1M71nTj07aa9sxjGa_zGNbeWSFl7AcYeNSIBywQyg31qActqG39KQ2YW4jRxt_FSxS_hV03mPk7c2ODv/FT7gYnddVSi8eBZ8_EWaW3xRXdSnH5aCUu-76PE7pt3GJfpk3us2GtqCv9nntQmZfm1zADLQyM7-vUEKUH8huFq6lBlzVTHJe_V1bQTwXQ1LBX8ZwDbGioKx-YkWZiic/EqTw6SaaNUNQRlF7LEvxMLhOqIYqHQUXN2lfAhALbf1ttYHjiaISHQ7eu72IhaIq16PVY6AsnO8ZRTH7QL5AqzKmJ1ny8LqqjCP0T0vrbv-qTPNOBsI8RBsk6G0VvK3D/.../

https://s3-eu-west-1.amazonaws.com/app-static-prod-eu-west-1/downloads/.../DragonAge2Demo_F93M2qCj_EnEsItPlRu.exe

http://www.techtudo.com.br/_/software/.../download

Scan dragonage2demo_f93m2qcj_enesitplru.exe - Powered by Reason Core Security