» torrentex.exe
Overview
Analysis
File Details
Downloads (37)

torrentex.exe

Torrentex

LLC

The application torrentex.exe, “Simple torrent client ” by LLC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from apploading.mobi and multiple other hosts.

File name:

torrentex.exe

Publisher:

Torrentex Inc. (signed by LLC )

Product:

Torrentex

Description:

Simple torrent client

MD5:

35b2123ac2ae65f7dc01eaa1c7c11cd8

SHA-1:

105886d45e8d514eec25f5078a1f8b96dd660018

SHA-256:

d1e2aead0db5c71e241d245ddc532ff314dc0832bcf6d351502bf2f395902b2c

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

12/27/2024 2:02:14 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonitize.Torrentex.Installer (M)

15.11.14.16

File size:

17.8 MB (18,698,056 bytes)

Product version:

0.1.4b

©Torrentex Ink.

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\torrentex.exe

Digital Signature

Signed by:

LLC

Authority:

COMODO CA Limited

Valid from:

6/5/2015 3:00:00 AM

Valid to:

6/5/2016 2:59:59 AM

Subject:

CN="LLC ""TARKOS SOFT""", O="LLC ""TARKOS SOFT""", STREET="prosp Peremogy, 68/1", L=kyiv, PostalCode=01054, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7A90449016B8E2CFEDE0BDF86A2648FA

File PE Metadata

Compilation timestamp:

7/16/2015 4:24:20 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:u3u8v/ePoN/OPo/K6YJzpjpSKKI9bWyxhoTWHt/aJiVwOeZLS7K:Aug/ePoNO0YJaVI9hp/uiVfecK

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file torrentex.exe has been seen being distributed by the following 37 URLs.

http://apploading.mobi/mobi?k=83e036d80e0c8adacece9efb27e04829&q=NetCut 2.1.4

http://apploading.mobi/mobi?k=60d238f4028e8a649a0dc7c575729ab9&q=GTA Grand Theft Auto Vice City Game

http://apploading.mobi/mobi?k=60d238f4028e8a649a0dc7c575729ab9&q=Bad Boys 2 Game

http://apploading.mobi/mobi?k=60d238f4028e8a649a0dc7c575729ab9&q=Euro Truck Simulator 1 Game

http://www-searching.com/?pid=s&s=GAGzamobl20564AU,9e87f940-4dd7-4c50-82de-17022f616682,&vp=ch&prd=smw_vp&UUU=http://download1.torrentex.ru/.../torrentex0.1.4b.exe

http://apploading.mobi/mobi?k=60d238f4028e8a649a0dc7c575729ab9&q=Project Igi 1

http://hyperline88.com/mobi?k=8bb1571a02dda48b57c3d5fd612607b0&q=Download Game Pikachu Offline 2016

http://apploading.mobi/mobi?k=60d238f4028e8a649a0dc7c575729ab9&q=Mafia 1 Game

http://justgetitfaster.com/mobi?k=0eedfe7914e603f0eb354c175b9e512b&q=Deadpool Game

http://justgetitfaster.com/mobi?k=f255aab625670b160aee4b6fa5821623&q=Far Cry 3 Game

http://mirror2.internetdownloadmanager.com/idman626build10.exe

http://www-searching.com/?pid=s&s=Unknown&vp=ch&prd=smw_vp&UUU=http://download1.torrentex.ru/.../torrentex0.1.4b.exe

http://us1.springfiles.net/Call_of_Duty_4_downloader.exe

http://gsf-cf.softonic.com/d25/763/.../MessengerSetup_1-4-3.exe

http://justgetitfaster.com/mobi?k=f053cd2aef760c6fb985073258a0e706&q=Ph?n m?m phát WiFi trên Win 10 mi?n phí m?i nh?t 2015

http://justgetitfaster.com/mobi?k=56337d4e4582d482aed8f13f81ba1bca&q=Download NBA 2K12 Torrent PC

http://dw.uptodown.com/dwn/QBz4GaCEyBlhpV3zCe_26OpN_YHRJPZC4rIbVtXhyWsTXW0QfNYECC50Yuyp9-BzibbcNDMnEVFDZuScpqAIATRPRSQWvW2K4SXIW5v3Z2_68iyfjVhH-v3-8JcBMfQ2/5nYKr0uVjB8TtFMRDESgSRhHPWS5cDo-w9LoheMb3pxLJVig2kmd4vMJUbgZQaam54I_eKguhr8NxtKczwo3pj8dVH5UG1BR0bDO3Pkbf-Yzko2hcujlQXWBCnLUliZi/Q25CACag9PfUBKpSvtbXbFOfKXXfEfes3DeAXz2W_mVVSVdxlo0ZSmw4u-NOkrlHBc4AKOrw6GCfvBWRte8AQSJv23Nz5VnalVXk_8ZE28ufzLRlAMeX2gEHtBc4YFbq/.../

http://software-files-a.cnet.com/s/software/15/47/50/.../avast_free_antivirus_setup_online_cnet2.exe

http://www-searching.com/?pid=s&s=gajzamobl20487bu,bf224263-afba-436f-be16-b12e751566ee,&vp=ch&prd=smw_vp&UUU=http://download1.torrentex.ru/.../torrentex0.1.4b.exe

http://hyperline88.com/mobi?k=8226e909fc3c043961c2903366904912&q=Iron Man 1 - (Www.ApunKaGames.Net).rar

http://113.171.224.166/.../torrentex0.1.4b.exe

https://doc-10-bc-docs.googleusercontent.com/docs/securesc/57pjc3pcloe4rpcvgltps23h2pc2pc0m/qgk1frisog79f7km0iq7ked9s9os2c7h/1461189600000/.../05270867088858441673/0B4pqQ6mL4tPJS3VpdV9ZZFhBUVU?e=download

http://thecoolersoftwares.info/go.php?sid=8591&fname=WiFi Password Hacking Software 2016 – WiFi Hack, WiFi Crack

http://justgetitfaster.com/mobi?k=52d2f98737e665e2259eb576ef835814&q=Left 4 Dead 2 – PC

http://justgetitfaster.com/mobi?k=f053cd2aef760c6fb985073258a0e706&q=Download Scanitto Pro Full – Ph?n m?m Scan hình ?nh

http://www-searching.com/?pid=s&s=G7Kzamobl7934BT,d2a6b5ec-2b32-4671-b129-22472045c44c,&vp=ch&prd=smw_vp&UUU=http://download1.torrentex.ru/.../torrentex0.1.4b.exe

temp:torrentex0.1.4b(1).exe

temp:torrentex0.1.4b (1).exe

http://thecoolersoftwares.info/go.php?sid=8691&fname=PES 2015 PTE Patch 4.0

http://105.232.255.252/cache/download1.torrentex.ru/.../torrentex0.1.4b.exe

Latest 30 of 37 download URLs

Remove torrentex.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.