» utorrent.3.4.3.exe
Overview
Analysis
File Details

utorrent.3.4.3.exe

uTorrent installer

OOO Torrent

The application utorrent.3.4.3.exe by OOO Torrent has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.

File name:

utorrent.3.4.3.exe

Publisher:

OOO Torrent (signed and verified)

Product:

uTorrent installer

Version:

3.1.0.0

MD5:

1395a1b176c0187ce58bceecd0fcb2b3

SHA-1:

f65d63447a0fade6ceb8769772ed721572d6a3dc

SHA-256:

03ea8d7b5d10190c7832c26cd40dff50da8fbb4a0dd5640795f4fd4f2b5198f0

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

11/1/2024 1:33:50 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.193776

368

Agnitum Outpost

Riskware.Agent

7.1.1

Arcabit

Trojan.Graftor.D2F4F0

1.0.0.425

Bitdefender

Gen:Variant.Graftor.193776

1.0.20.165

ESET NOD32

Win32/LlcIt.C potentially unwanted (variant)

10.11828

Fortinet FortiGate

Riskware/LlcIt

2/2/2016

F-Secure

Gen:Variant.Graftor.193776

11.2016-02-02_3

G Data

Gen:Variant.Graftor.193776

16.2.25

IKARUS anti.virus

PUA.LlcIt

t3scan.1.9.5.0

McAfee

Artemis!1395A1B176C0

5600.6502

MicroWorld eScan

Gen:Variant.Graftor.193776

17.0.0.99

VIPRE Antivirus

Trojan.Win32.Generic

41382

File size:

4.9 MB (5,118,272 bytes)

Product version:

3.1.0.0

OOO Torrent

Trademarks:

OOO Torrent

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\utorrent.3.4.3.exe

Digital Signature

Signed by:

OOO Torrent

Authority:

DigiCert Inc

Valid from:

5/5/2015 3:00:00 AM

Valid to:

4/28/2016 3:00:00 PM

Subject:

CN=OOO Torrent, O=OOO Torrent, L=Moscow, S=Moscow region, C=RU, PostalCode=105245, STREET="Parkovaya Tretiya, 41A", SERIALNUMBER=1022402480418, OID.1.3.6.1.4.1.311.60.2.1.3=RU, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0ED1F628C13CB946E019DBFFC99B9725

File PE Metadata

Compilation timestamp:

5/8/2015 1:26:25 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

98304:NLsLsMiMrbj8RZ6VIfuLMP/rGJ0CdXUJff:IskvSfuL0/rGJ0C5UVf

Entry address:

0x2344

Entry point:

EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, 40, 80, 00, A1, 9F, 40, 80, 00, C1, E0, 02, A3, A3, 40, 80, 00, 52, 6A, 00, E8, B9, 0B, 40, 00, 8B, D0, E8, 72, 08, 3B, 00, 5A, E8, 94, 07, 3B, 00, E8, C3, 09, 3B, 00, 6A, 00, E8, 7C, CD, 3B, 00, 59, 68, 48, 40, 80, 00, 6A, 00, E8, 93, 0B, 40, 00, A3, A7, 40, 80, 00, 6A, 00, E9, 8F, BB, 3B, 00, E9, AE, CD, 3B, 00, 33, C0, A0, 91, 40, 80, 00, C3, A1, A7, 40, 80, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, F5, 00, 00, 00, 0B, C9... 
[+]

Code size:

4 MB (4,206,592 bytes)

Remove utorrent.3.4.3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.