» TorchCrashHandler.exe
Overview
Analysis
File Details
Behaviors (1)
Network (1)

TorchCrashHandler.exe

TorchCrashHandler

TorchMedia Inc.

It runs as a windows Service named “Torch Crash Handler”.

File name:

Publisher:

TorchMedia Inc.

Product:

TorchCrashHandler

Version:

0.0

MD5:

d09a246d668e24fd086449a1783fbdce

SHA-1:

dde059d535a199aea6c300fe440f6c951f735c80

SHA-256:

9a7ca29769b2143f9c6eab749c338aa561e6d8eed049d93690fbf1135a2e7b5b

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/26/2024 9:52:39 AM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

TROJ_GEN.F47V0205

7.2.59

File size:

1.2 MB (1,208,832 bytes)

Product version:

29.0.1547.5489

Original file name:

TorchCrashHandler.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\torch\update\torchcrashhandler.exe

File PE Metadata

Compilation timestamp:

1/27/2014 2:24:25 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

24576:f6gqBonO820VhQRND26ZTKrxx16fiJkeGqUYfx5+q0LNW:Mx85wD2oQxxwizGAfx5P0xW

Entry address:

0x6BA7E

Entry point:

E8, BD, F8, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, FF, 75, 0C, 8D, 4D, F0, E8, 8F, E3, FF, FF, 8B, 45, F0, 83, B8, AC, 00, 00, 00, 01, 7E, 16, 8D, 45, F0, 50, 68, 03, 01, 00, 00, FF, 75, 08, E8, 23, F9, 00, 00, 83, C4, 0C, EB, 12, 8B, 80, C8, 00, 00, 00, 8B, 4D, 08, 0F, B7, 04, 48, 25, 03, 01, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 4D, F8, 83, 61, 70, FD, C9, C3, 8B, FF, 55, 8B, EC, 83, 3D, E4, 94, 4E, 00, 00, 75, 14, 8B, 45, 08, 8B, 0D, E8, 61, 4E, 00, 0F, B7, 04, 41, 25, 03, 01, 00, 00... 
[+]

Code size:

761.5 KB (779,776 bytes)

Service

Display name:

Torch Crash Handler

Service name:

TorchCrashHandler

Description:

The crash handler service automatically updates Torch to the latest version and sends anonymous crash reports when Torch unexpectedly shuts down, to ensure that Torch offers the best performance and s

Type:

Win32OwnProcess, InteractiveProcess

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to ec2-54-228-229-139.eu-west-1.compute.amazonaws.com (54.228.229.139:80)

Scan TorchCrashHandler.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.