TorchUpdate.exe

Torch

Torch Media Inc.

Publisher:
Torch Media Inc.

Product:
Torch

Description:
Torch Update Module

Version:
1.0

MD5:
2f353e48314786e5d99cb799fc1625f5

SHA-1:
aafb75f01c3d5f1dc76610449663903bf806cc60

SHA-256:
5ebd3120b1f6990368bbe93153d9a2d2c2577d54474712c8a652d62a83af82a5

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/23/2024 2:48:39 PM UTC  (today)

Scan engine | Detection | Engine version
Clam AntiVirus | Win.Worm.Chir-2076 | 0.98/20914
NANO AntiVirus | Trojan.Win32.Delf.dtoeol | 0.30.24.2487

File size:
1.1 MB (1,122,816 bytes)

Product version:
1.0

Copyright:
Copyright (C) 2014 Torch Media Inc. All Rights Reserved.

Original file name:
TorchUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\torch\update\42.0.0.9895\torchupdate.exe

File PE Metadata
Compilation timestamp:
7/16/2015 1:25:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:fF1rZcKmYnJtsFc/JZPaVQvcU5N8/3waZTmX+AzTrUW+Gc:91hREFchZPaSUU4/AUe+AzTIW

Entry address:
0x6D0C6

Entry point:
E8, 6A, 94, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, E8, 58, 4C, 00, 00, 8B, 4D, 08, 89, 48, 14, 5D, C3, E8, 4B, 4C, 00, 00, 8B, C8, 8B, 41, 14, 69, C0, FD, 43, 03, 00, 05, C3, 9E, 26, 00, 89, 41, 14, C1, E8, 10, 25, FF, 7F, 00, 00, C3, 6A, 0C, 68, B8, B4, 4E, 00, E8, 61, 75, 00, 00, 33, DB, 89, 5D, E4, 33, C0, 8B, 7D, 08, 3B, FB, 0F, 95, C0, 3B, C3, 75, 14, E8, EE, 23, 00, 00, C7, 00, 16, 00, 00, 00, E8, 88, 59, 00, 00, 33, C0, EB, 79, 33, C0, 8B, 75, 0C, 3B, F3, 0F, 95, C0, 3B, C3, 74, DE, 33, C0...

Entropy:
6.5212

Code size:
789.5 KB (808,448 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to a184-25-56-178.deploy.static.akamaitechnologies.com  (184.25.56.178:80)

TCP (HTTP):
Connects to 94.31.2.34.IPYX-076665-ZYO.above.net  (94.31.2.34:80)
