uTorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. The file has been seen being downloaded from download1202.mediafire.com and multiple other hosts.
Publisher:
BitTorrent Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
3.4.1.31227

MD5:
dfc7d0afe79e69ee0afb00d689b1e187

SHA-1:
41609cb8a13754e73dba481b32b79448b6e80a11

SHA-256:
a40ed29a429fd6643be9bf275471b3bc72e38c161ef88a1b8e6dd31b27ff4319

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/4/2024 5:09:08 PM UTC  (today)

File size:
1.2 MB (1,270,864 bytes)

Product version:
3.4.1.31227

Copyright:
©2014 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\utorrent\utorrent.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/5/2013 2:00:00 AM

Valid to:
9/4/2016 1:59:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5732C1574E6AF828E1B4F93ABB34ED08

File PE Metadata
Compilation timestamp:
5/12/2014 11:23:31 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:t3UVRkGsslLNuqiQkpoDrwuB2smIK5tLIRn9kDMcqhDEu+41Z2+:tk2GsslZiEwuB3CEcwDEu+m

Entry address:
0x314640

Entry point:
60, BE, 00, 00, 60, 00, 8D, BE, 00, 10, E0, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 0B, 27, 31, 00, 57, 83, C3, 04, 53, 68, 39, 46, 11, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
1.1 MB (1,138,688 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
C:\users\{user}\appdata\roaming\utorrent\utorrent.exe \minimized


The file uTorrent.exe has been seen being distributed by the following 28 URLs.

http://download1202.mediafire.com/q7uaabqlp7bg/.../uTorrent.exe

https://dw.uptodown.com/dwn/QqycwVh9s5Sv3ULaalfIkd0IaswExrGZXSLjkfpED1BOIzR0ktzIv8IZGqb4dJLdaMdJxWqq5__rXd_GR0JIysdx5pjrmYqhX4miBuRoHkoqN7p2gfDD8iyZeRUY5_Wk/kyn-x8URXEwHtdXX2jM0QbC2fBOIdQa2yZvYqA75MkkmYbRisK1kTnDkt2rdXseknPsHH43zSj5R1cnJYFBI5qQvld1pzI1Xsp1fTTDfbRvAoRkgnVK8O5I0MJ1DVXNR/-GdJsMj6xeBaOEsmzCdcezuHLIEoxJDPokSNntxv1duHoavyZgbgvnTAK1_Jw19e7E3im9I15jidfpsSWKYrTeTYqx8OJnZAgciEGopqMH3npPHif7EWhFVLQRg8KLsP/h40hnlUP4F_-8RgdWhiSzKfEVl9rr_VmdRS5btAXdbsqF9DReGe_SQNmd1tyupJ79Upe2FPZZvAm3oSEiFZ_csfFUtemsLOtgQsUfDJY3j0xih75YdqK_U-EiitjLgzd/.../

http://www.installer-assist.com/.../uTorrent.exe

https://dw.uptodown.com/dwn/rPE6kptKQrI5L-PZIsTrlB6O9c8-1CVfcGVTNB49VE3fwV3bKQm37AmrHPDVwWV9BaR5KjHYcSnNFsoUjyRHGe-TAERt8BnYSkVtg0RIcbkYvIoh8PGf_mboxWM9oUDE/qeQlho-OrYR8-o5DEf5taTq31pP3idaI08Ogu-_a2vv45_YrT8cJSuEh_DU11jFcWIOqarfgjQi_rUqobpZNGLxj7-x4g6059P5BARdAmvCiils85HhIzcH-AyQfKkgO/qzZxWClqfKu4HT1r2PnIfeoQhXaPdLIEK9V8CV0uwNL_IgewWtFBJeqwaFkvW3zkAufN2s6AS_KYjxBy09GMG09ZOFh9QlnWBL19MRLMZFCdzcWq12ac0HpAT9Nnqwoz/f4kgrWJZKvzFO2yCMSdOvVXX2qaTvoAGIl8emwqod6p5-Jo4MRYop92QESEj9Lb6usdqvpPGZfTHdLnFp5NHVGcDIvDKUMV-uL3KTlICcy2NIh88GK3a5EIjPgiwqz7O/.../

http://server3.xnavigation.net/dl/lFmgQ/734/14282/defa/.../utorrent

https://dw.uptodown.com/dwn/tFNXi3QJUP-gZnqNPtPIZZP67wO8skNcHNCbvgm8p25B_K4Yk89hIkm7LexL_foH7scODudl4OV77kAeev9qjk0aP9FuskOJupwtA3dXFeQS7HQJLIXkSwtDCedkfI40/TG9jA_7KwEt9gb878T7hZs749YvcCLd19ZPX-7jQKcUdmpxr9m5Bfjd9rZ8DuEmN2T76QF5U5OFt5y89WckRHH0VuxWNrNBSHW0aUyXkzJqmWVlTXbkd6glVgwaGrv05/6TwTh3lLC5xsilt_QS_7Z_KDUreVoVgOAegjfPqpcgCkrLBpUFIkV8XkXTJAFFFJmvxGvjhOPB8ayK0Rh-7jNsT-GtV3Ez3U3QwYske0av8LNnSiYX_SamZmKV3hfaNx/jgyoLuOTdpBEK7f13OFFutA7-Mg5sIso8Devid17v7iFCNLD0RKnCMXlx9OxQmorBHGoXJY9bHNEIfr7AAI6A3Ux8h7uuZNdBzGkyOEn04jrxx8NhXXGkexkHCZr61am/.../

http://server3.xnavigation.net/dl/sqX63/734/14282/defa/.../utorrent

https://dw.uptodown.com/dwn/tQ3GipRgHsPDhMnocOwufKfKPzfVxca63F_FdsgYJse9T5AxuDODlCQqhK3sNT28G3yikcY4HGILvxcoeLbgAQG_B4b8GJrxLgIRuV7dh3oGxhw4JW7W8yNxfx4wRUvP/sgni2tfBZTyK_pFc8WYXsojexP6Wm1TeZWaO3S161yJt83N1SmnJaIQyapdaJBOISdwnqkY2Rjdnl4ZSBOUEJ1j9AluPwGz0-BRDG2LidIjnNnt4BTfAxSzyBLYyNLaR/_hdDOUPKbgtkvbfLnV-PL5oo8v0irC30QQZL_2of_C0MWf5dio_0zIPyJ9I5ytNEk-1IxVvzNxN0xHiXN_VBA1ZYvO7kihrXHcqrHmFvIQ7FN8Vy28O4jaiUCENSfDp-/HuqdzlAYCzu3qz46MhpVffBbntVxmlCO7It3oClkGqD4VYTVELiX9I5DSgwk-anXTXW3ene9VXO7MePgdrKdikfTPkDj_MmT13p-JCH0WEfseBXHfFFVmSGKaPAEub9n/.../

http://server3.xnavigation.net/dl/88bhR/734/14282/defa/.../utorrent

Scan uTorrent.exe - Powered by Reason Core Security