uTorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. The file has been seen being downloaded from download45.mediafire.com and multiple other hosts.
Publisher:
BitTorrent Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
3.3.2.30380

MD5:
22152430f5c578d1a62f102c556c0c01

SHA-1:
3b494fb748bac9430c998fc694d6392e841e28b0

SHA-256:
7a6a303059b8df650bcd786dcc6cdb5c0bb8c896930b6d6966d746c33acde474

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/23/2024 1:31:21 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Cloddfe.Trojan
1.3.0.4562

Fortinet FortiGate
W32/AdkDLLWrapper.A
3/1/2014

K7 AntiVirus
Riskware
13.174.10588

VIPRE Antivirus
Trojan.Win32.Generic
24292

File size:
1.3 MB (1,342,032 bytes)

Product version:
3.3.2.30380

Copyright:
©2013 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\utorrent\utorrent.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/4/2013 9:00:00 PM

Valid to:
9/3/2016 8:59:59 PM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5732C1574E6AF828E1B4F93ABB34ED08

File PE Metadata
Compilation timestamp:
12/4/2013 9:12:21 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:vdEsFM9LnvNXjG8WSswFfjJxQGDYuywJGNuAnhgSz+13+K7jHxUuzXSAaEVjjq:vdvMTJEwF/DEInV7L7SAvM

Entry address:
0x2682C0

Entry point:
60, BE, 00, C0, 5A, 00, 8D, BE, 00, 50, E5, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 5F, 65, 26, 00, 57, 83, C3, 04, 53, 68, BA, C2, 0B, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
756 KB (774,144 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
"C:\users\{user}\appdata\roaming\utorrent\utorrent.exe" \minimized


The file uTorrent.exe has been seen being distributed by the following 41 URLs.

http://download45.mediafire.com/8mib588loiog/.../utorrent.exe

http://download2035.mediafire.com/6w5hfyeki3bg/.../utorrent.exe

http://www.bestmetagrab.com/sZm5HIJQxBrUZ5jfVZO3R 7FbnyBPNtg_9rkjobFpiekEt6QrihJWg 7by gun3MTBLcItz3V2YTNDI2clpfI8qKqb8D0EZYfVrJn_IrM6cBJfPulOBY ucr 6QL3DaM8OMSTYbuIlWYJvoC8udStPMSlZm3OHBngjKQDRAciCp4az79_EwDqPcpTtcJfplU8AMiY3Q-G24AAES3 X2edlyj65SICA8TzDnlNFBvZQ8kO9GdD7qx8FAvOIRjM6htvOysjEKjTc8D RzO7j8mO wnax94LRFPCcoAbiyj9XfrBgUM

http://www.chucklehostingupdate.com/o_6ZMXz6axwMplE6Rc8RzOD3iLuNKKyRPiZeGDHDpiaynTH4WhDhM1JI8XdX pwiwlUGROdvTExctfafQWWN2brPqMFG4Hjugbv6kpMBCRi8mEYBZV TJUyL ZPprv50Se08QVfwTNEV0gVgbV_hRmRptDRws9yZ8xwIEYJqobJK3ACUZOBrEI7d_TC6FNm1nvTV3jNnUwqxqmnCYy8PMeDK7Kpz__7icvzfQ_w3aKIAvgrx8ZVUB4Oti GP5BiwEehuZIzM0ntXUuleBReCjY6p45HB5AvyFGsZEs_qRnkO0NVUeyLFJrv8VJ7q9HOLf8NuA9O2I1HZhCzHyw2ZzU4octx2KRDJ75I R8zzkFbNq G8mWrFQQdXj8cZMiBnvfcVMARhzVs5gqQzAPBY32GovsBIoYuz41nb08URHEGXuuVEdPsHnzQ9UllSTr1LJXPJ_D54MqbXB3YeUAh0GxNSDg5pdw==-G24AAES3 X2edlyj65SICA8TzDnlNFBvZQ8kO9GdD7qx8FAvOIRjM6htvOysjEKjTc8D RzO7j8mO wnax94LRFPCcoAbiyj9XfrBgUM

http://www.currentupdateconcepts.com/a_sD5NxUXaxLa86yP_AFU2ryni0J_2eO3Bkdh5i1sEqy2kitBqq05X0t8xDqdoF7Osd2xaXSQK9Le7r_JOhpClrhBKTF2r K74qPGrMo2Nak8cjXkU5ez4W1Sm1kWFJ37_aWpm8ubLKUmFYc9rM_EltNdQOe7zjSSV4Pxi2dS5dNoEn36tDfB6UF3JaelBa7QGe4V1Q7YPn25jCV9Qtgqgiqbrrwdg==-G0cAAERPFhMndaE 246Nx9j4QyZjWaZ4jJ3jSOEJ25i_AZkMHZCEjYvBMLttuViI1ClcwXU AQ==

http://newrutor.org/.../utorrent.exe

http://www.chucklehostingupdate.com/DDDIue134yzrTT5k_YiDIByp4nvlD_a0cSnrjDL0AX0boj6qWdqb2dfKWJ33K2trczmiJfPXBWrDLij_CAEySaw29qhIONVXTLFHOw6mVQZX7iMfgYtnecWGP MiD0D2gab3C9xZpmmZGYbQaSrdn4SEpQBFG5F xcYUcgYrsLZALa2LlC7sIvvOa7P90GbpqVx7AWo2QhvVxB0JhdNwVWqQ8qdkoXGPSVnQQj bTZ3qDOwysqvzRr_SRtDBGca1XvpkYrBR5L4arhDK623kpqY9TwpfxY1ygYqlfbPYPvyqr_NJHJwKojWfOapeWirYtD D1x3N1dUuwkibDqcS1TQivUyf7v3eYKPcMgtpoS wxtXC3VvhEUwlEC1dSCFQ04bIk6zL9NzSxXnWThbM6ZAjAqMYeQhU2tJBTprY272IubWUdNfhb6f _jQNUn71FJ 3B0MdUSpqxweAQ6BfLj5Gc40XNA==-G3MAAMTy1tKLLxCUnyCFn5mZwG_H6 SA_d9vBXILEg6Eg9ohP zRidPWkLbx Dc4ugzjpueBfA4HBR4dg1qmkmL1f_SZY0zZ6CG8J4gfYZaKmn1X3bQWEA==

http://download45.mediafire.com/0nn96541o1zg/.../utorrent.exe

http://www.shareconceptsvault.com/y2uJF74cceDILF1PpwZ9XQ PFRE i_0Eu hcTVxKZ_YvCvBLgrD9qlkd_URjwA2r00cmQ1uzYKsXWyUNYZiPOEK11l2zqJiqAMFhblrMjq7P0E7wIw2_0vQKtM4pzoOB8nnZ1Od0babBc9437BenPVRjxRFmYD7wJVA283vLRxMVnstRmqrF4okQux3u q64qTStWAE1Kka7ch0BNlpBWm 14QG_N8 nzJT u5b8JNop9hICMnkfdfQ_0gmvKT tTmHCkWkpRebI6eEkVBXGSbDqZ5vqDrZm259te4OUKpl fGa9M4XOw59u_z1y7I9O2ZGrfqnUYhcEMc7btOfwm_rs6e_VsgFqV9lNNrl3hPShT8reN4A1kL1BOifW6__GIadyYNYPe0RpfZPTgcnhjlT r076n7DGCC8xRVVWloZWzXHgr5zs3ZitmMAQIOxtRqAb6uCKex9auJunTFDiUSaBQDji5fqZXMNy_r qnt_SvQKoO7LhSe1vy5snPsx1yPa7Wo0c-G5wAAGRpXUu7KD1cOgA9WbUJNX4UIxSNTShC0TO9YX45kDS1fA6yjev_zoejg5sRNz0P5GO4BQWFzHpkmoHlsSlhEVn2VPwk_r 9fM__aftwfmpkODzIfw_BecnonI9RFVaEiAA=

http://www.softwaresharetoday.com/c?x= SnIijRbhLrjFv837WFSEXiR9OJou7uJ0fcuQ/CfK/I=&c=zOjDPPjbf/58A0zj2Qnk2fL4BKPk605Gnphbp6NtvjOJr00ocTUuecWbHbR3F3XHNJA8zJroxYESGAr8wzNbzJiYajAmrl0wlzz8nRbvaOQFx9/iYub3a8m1ZbhV9IGADRoIiiweO1Ptp4/MuajMC62/9cUqb3UHPp3SYTLkEyY=&fallback_url=https://secure.innodl.com/.../utorrent.exe

http://download-new.utorrent.com/os/windows/track/stable/endpoint/.../

http://www.bestmetagrab.com/OYZI4zdVqcNpI_zsolk0FeV1A_09CA2fhk sLzFmVTc3IOhtcXlf4anLNLIlM_aO xgdZpAGgzEYbgl1cpZNqXYhHkKsgnLl8O9i2E_v1cXXo2UHAZ Zdlf8g7N8BmJAA3I2Gtq_hhY0Yw 0QqOt_J zJkjXqneeLUZDS5cbjdVwd1sAYBicK354rzyLpAUPyo7OC5Jf-G24AAES3 X2edlyj65SICA8TzDnlNFBvZQ8kO9GdD7qx8FAvOIRjM6htvOysjEKjTc8D RzO7j8mO wnax94LRFPCcoAbiyj9XfrBgUM

http://download45.mediafire.com/562yv2krdmng/.../utorrent.exe

http://it.kioskea.net/download/.../27-utorrent

http://download45.mediafire.com/ir9ssy0ht4jg/.../utorrent.exe

http://www.newclearchuckle.com/c?x=FLzf6FZA0iHFl8VSQwKVtPSv4DAZ7zGP65tugOt1TwM=&c=JMO55yVr LdnwcAz3aqKHW1znZ0aaKwe5BN6fnQj/hAjyxGcm7zi3U5kgVtSqMyRS2ShBP 9yFPdiUs5Vf OZszcDP9LYzB2A/IrToEdgLJ0TpUceBYOF16gkLuD9SWZ9QPCcQ8dUjyZokfUuvHEPHFD9HEuZTeOzsdpmwGC13E=&e=0&downloadAs=utorrent.exe&fallback_url=http://utorrent.en.downloadastro.com/.../?utm_source=ira&utm_medium=error_generating&utm_campaign=utorrent

http://www.newclearchuckle.com/c?x=ehDmMRKc0cdkRt hDjyeTmlaxxZotR9OORTjg3FuNew=&c=oyYGEdJzxSxvz i5AHVjg7Dy5XDXaEIkVMdkeATu1HwUkhM/ZkCXJ 3UoJkigVclVN937 rB0r8D7RKqHJ NIlVLwLP8bRrPfJhxt2UuTvJ6u6wA6shBuQZdATZAGBXV3j80Rf1P0h7M qsfaDtpPteLrSH/wQTQLPmXGjntXpY=&e=0&downloadAs=utorrent.exe&fallback_url=http://utorrent.en.downloadastro.com/.../?utm_source=ira&utm_medium=error_generating&utm_campaign=utorrent

Latest 30 of 41 download URLs

Scan uTorrent.exe - Powered by Reason Core Security