home

fifa13.exe

FIFA 13

Electronic Arts

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from s7072.chomikuj.pl and multiple other hosts.
Publisher:
Electronic Arts

Product:
FIFA 13

Version:
1,1,0,0

MD5:
dd5810110e4ee9653fec72b642699beb

SHA-1:
5ab6bbdaaf511fcd7e0667fb66b4f75b463e9322

SHA-256:
98c306cd2807b3dba40f70bfa00c193ef9e85b6402e1e858e82d74f4e2a009e4

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/23/2024 12:16:13 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Suspicious
7.1.1

Bkav FE
W32.HfsAutoB
1.3.0.4613

McAfee
Artemis!DD5810110E4E
5600.7272

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131221

File size:
28.5 MB (29,936,640 bytes)

Product version:
13.1.1184026

Copyright:
Copyright (C) 2012

Original file name:
FIFA 13

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/7/1971 11:11:28 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:mhgwAS0RNwpZnUUAqGEhmjhG/2/IZZXcZn:mhQNwpVv+G2AZZMZn

Entry address:
0x3F05168

Entry point:
68, 44, 50, 30, 04, FF, 15, 28, 50, 30, 04, FF, E0, 57, 65, 20, 6C, 6F, 6C, 27, 64, 20, 61, 20, 67, 6F, 6F, 64, 20, 62, 69, 74, 20, 21, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
43.3 MB (45,406,720 bytes)

Scheduled Task
Task name:
{0155CD29-551B-4CFC-A952-CB07B0DF97D7}

Trigger:
Registration (Runs on registration)


The file fifa13.exe has been discovered within the following programs.

Angry Birds Space  by Rovio
Angry Birds Space is a puzzle game and the fourth game in the Angry Birds video game series.
www.rovio.com
2% remove it
Doorways  by Saibot Studios
www.doorwaysgame.com
About 1% of users remove it
FIFA 13  by Electronic Arts
FIFA 13 is developed by EA Canada. There are 26 stadia in FIFA 13, including two new real ones: Tottenham Hotspur's White Hart Lane and the Saudi Arabia's King Fahd International Stadium. and one new generic stadium, Sanderson Park.
www.ea.com/ru
5% remove it
Fifa 13 Repack V2 999  by El Kinderguapo
duque.16mb.com
About 1% of users remove it
FIFA 13 version FIFA 13  by SarirGame, Inc.
www.sarirgame.ir
About 2% of users remove it
FIFA 2013 Ligue Bartar  by E.A Sports
www.E.ASports.com
About 5% of users remove it
FIFA13 version 13  by Click, Inc.
www.ClickPcGame.com
About 8% of users remove it
League of Legends  by Riot Games
League of Legends (LoL) is a multiplayer online battle arena video game developed and published by Riot Games for Microsoft Windows. Players are formed into 2 even teams of Champions, 3v3 or 5v5. League of Legends is a session-based game.
www.RiotGames.com
12% remove it
Trials Evolution Gold Edition  by Ubisoft
Publisher's description - “Trials Evolution: Gold Edition marks the Trials franchise’s triumphant return to the PC gaming platform. RedLynx’s signature franchise, the Trials series first made its mark in gaming with the 2008 release of Trials 2 SE for the PC.”
support.ubi.com
7% remove it
 
Powered by Should I Remove It?

The file fifa13.exe has been seen being distributed by the following 15 URLs.

http://s7072.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlO_zdxrsXFkImZiKPGCWzXegLIz9xOFf-njsddQvZKZGMztNkm0eRxVddUVoMIs_-1GjHtuoP3kwOqgEJigdwJzzv8Mh8CaDweR5xh4ApnXS66sboi_T3LJ4lKrjYAupjw&pv=2

http://s7072.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlBlu_nAJlOcn2e_2lcCd7XIRFy148HD6Qw9HfJoje5WEJF1Barpv0Zf0UkuHNJfsyG9D5_x1EwmcNw4eLwWMOnIodntkRXTUZeojCeMjWO9CZ-J7bCHexlpmbG3Yl76WAw&pv=2

http://s7072.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlBlu_nAJlOcn2e_2lcCd7XI58t43nAOgJsrG3VUtxrMO9LWlgXIGwVNwRKtrJgj0Mcv7qGpX0aT5yNnSJyZuvjACXIUlnz6fVi0gJAkFqmrI-xXpSwPlaprW-pPlgd0STA&pv=2

http://s7072.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlBlu_nAJlOcn2e_2lcCd7XLE1XZsMjosXAmAuv-DkzoJvIH5fSqO6NnmQeGa19aFcx9xjY8UGiOwnPTbdJ_DtH6hsMMO-Z2uG1-5uMqxTgcqzlukzCScejoECpg4dLOzJQ&pv=2

http://10.233.233.233/data/index.php?dir=Hindi1/Games/FiFa 13/.../&file=fifa13.exe

http://px3.5f.pl:8080/.../dl?d=d5b8b19fe84e0d12d000e1614af8f2f00034880d

temp:fifa13.exe

http://205.196.121.210/nsvt921eltug/.../fifa13.exe

http://s7072.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlCm6URWYlasUHBP82LY2Hz9rGIyD4j3BKeOOhz9kBNAffs5raqxmbgfvfvbsKk7UeFaKdi1d4vuKXqmIhcqxk0hRgHKYU9XUrKlZ0N1XJSgyPygwwzQAbg6ZPoPgpkv2wg&pv=2

http://s6624.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlBlu_nAJlOcn2e_2lcCd7XIO_s73vfrKcYL-F8JvbFUyU53aicNXaRm5iFRhAgh16TruK6rmB1KtPF4ffoU74t2oXuj46TuFOm5jupoMo2AKRWM-4B5G0UZdmyhilRJ_FQ&pv=2

http://s6624.chomikuj.pl/File.aspx?e=MaJtmWhSsRuRMlOxXQzSlDweTwTbrjdzAw-SCuuzy_I_qtiweDSzwfnYsojeb7OP_M6K_V9kaC92UvqMOuGyP0pnkXmWh8SeHSFzIjKAoIlhPXI27f_cmNlXKPR75VVn9IBTVf2M5sKAnWQzPAW5Kg&pv=2

https://mega.nz/temporary/.../EVhQlRTB

http://originaldll.com/.../40220.exe

http://dc194.2shared.com/download/.../fifa13.exe

http://dc654.2shared.com/download/.../fifa13.exe

Scan fifa13.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.