home

uTorrent.exe

µTorrent

LLC LVIV IT!

The executable uTorrent.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
BitTorrent Inc.  (signed by LLC LVIV IT!)

Product:
µTorrent

Version:
3.4.8.42449

MD5:
ba44473a81ecc255884cb2b5f5d08d23

SHA-1:
1a42a457261f373a1445e3138a77bb9f2af2c029

SHA-256:
988f3a6409f2cb6f53de5ec8baefb32d1a8e31a986fe327528f8edb38c41c9aa

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/15/2024 7:50:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.10.21

File size:
4.3 MB (4,541,680 bytes)

Product version:
3.4.8.42449

Copyright:
©2016 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\utorrent.exe

Digital Signature
Signed by:
LLC LVIV IT!

Authority:
COMODO CA Limited

Valid from:
2/17/2016 3:00:00 AM

Valid to:
2/17/2017 2:59:59 AM

Subject:
CN=LLC LVIV IT!, OU=IT, O=LLC LVIV IT!, STREET="vul. Saksahanskoho, 2", L=Stryy, S=Lvivska, PostalCode=82400, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
070E2550D28AFF375A722D4A8040623A

File PE Metadata
Compilation timestamp:
3/24/2016 10:24:35 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:MwgIMC/AZHRP+4Q99p4PcOFJuYutNz6hLwSq9DSKg4amyxVHBJQPeLD+s6ZX+/S8:MAM3YJ79wVHBGPeHuZgXmHs

Entry address:
0x12AFB

Entry point:
55, 8B, EC, 83, EC, 60, C7, 45, AC, 24, 00, 00, 00, 83, 25, 40, 99, 84, 00, 00, 8B, 45, AC, 05, 0B, 16, 00, 00, 89, 45, A8, C7, 05, D0, 57, 84, 00, FE, 04, 00, 00, C7, 45, CC, C4, 6A, 82, 00, C7, 05, 4C, 1C, 84, 00, 61, 00, 00, 00, C7, 45, A4, 62, 00, 00, 00, EB, 07, 8B, 45, A4, 40, 89, 45, A4, 83, 7D, A4, 7D, 7D, 0F, A1, DC, 98, 84, 00, 2B, 45, A4, A3, DC, 98, 84, 00, EB, E4, A1, DC, E0, 7F, 00, 48, 48, 89, 45, D8, 8B, 45, D8, 0F, B6, 00, 3D, CC, 00, 00, 00, 74, 14, 8B, 45, D8, 0F, B6, 00, 3D, 90, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
4 MB (4,179,968 bytes)

Remove uTorrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.