» utorrent.exe
Overview
Analysis
File Details
Behaviors (2)
Programs (4)
Downloads (9)

utorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. This is installed with multiple programs including µTorrent. The file has been seen being downloaded from s5855.chomikuj.pl and multiple other hosts.

File name:

utorrent.exe

Publisher:

BitTorrent, Inc. (signed by BitTorrent Inc)

Product:

µTorrent

Version:

1.8.2.14458

MD5:

b56ce93d73125aeb4872d999d91b7348

SHA-1:

64a4fb77babd03f86353c254f1b971743e39072a

SHA-256:

e151f40f7440b48a80ae39e20754a45e3be6a1662006929c3c116f16524ab6bb

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/15/2024 1:05:05 AM UTC (today)

File size:

263.8 KB (270,128 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\utorrent\utorrent.exe

Digital Signature

Signed by:

BitTorrent Inc

Authority:

VeriSign, Inc.

Valid from:

7/25/2007 12:00:00 AM

Valid to:

7/24/2010 11:59:59 PM

Subject:

CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

68F0D3AE62D911B2B5843D297C166380

File PE Metadata

Compilation timestamp:

2/4/2009 1:47:13 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:irv5iaLuDQvOMg3AG+YIlVORsjiXUIh+CdEle+bgIF3JhO0yAaEGzvrJWk0JZ2m+:irv5SDQGxaYyj++vhRhO0EFm22rT4oSH

Entry address:

0xA2580

Entry point:

60, BE, 00, 60, 46, 00, 8D, BE, 00, B0, F9, FF, C7, 87, 50, 9B, 08, 00, D2, C0, 3E, 37, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, C0, 0C, 0A, 00, 57, 83, C3, 04, 53, 68, 70, C5, 03, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9... 
[+]

Code size:

248 KB (253,952 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

uTorrent

Command:

"C:\Program Files\utorrent\utorrent.exe"

Windows Firewall Allowed Program

Name:

C:\Program Files\uTorrent\uTorrent.exe

The file utorrent.exe has been discovered within the following programs.

µTorrent by BitTorrent Inc.

µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.

www.utorrent.com

12% remove it

iTunes by Apple Inc.

Apple's iTunes is a proprietary media player computer program, used for playing and organizing digital music and video files on desktop computers. It can also manage contents on iPod, iPhone and iPad.

www.apple.com/itunes

9% remove it

QuickTime by Apple Inc.

QuickTime is an extensible multimedia framework capable of handling various formats of digital video, picture, sound, panoramic images, and interactivity.

www.apple.com/quicktime

6% remove it

uTorrent by ajua Software

Publisher's description - “These custom installers are made from scratch or modified from the originals. The reason I make them is that it saves me a lot of time when doing unattended installations. I also use them for my personal everyday needs. They all are configured to my needs or likings.”

rubenalamina.mx/custom-installers

About 56% of users remove it

The file utorrent.exe has been seen being distributed by the following 9 URLs.

http://s5855.chomikuj.pl/File.aspx?e=pZSu-UCvc6uOUJqOxWzxgecIBRXzQPIwGwqAyYA5noxMaBOeGalPPh21D_P31WzZBVeIXADMQHyUhWuGeV8tyCV9mipwJOlqiu9VvFERWZUb35naqPpRAmX5VT42TV5m2TgZxvjsvkAwigNPuxU8uA&pv=2

http://download-new.utorrent.com/endpoint/utorrent/os/windows/track/.../

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NzE4NTM0MjtzOjI6ImlkIjtpOjEyMTgzO3M6NDoiZmlsZSI7czozOToidXRvcnJlbnQtMS04LTItYnVpbGQtMTQ0NTgtdXRvcnJlbnQuZXhlIjtzOjM6InVybCI7czo2MDoiaHR0cDovL3d3dy5vbGR2ZXJzaW9uLmNvbS93aW5kb3dzL3V0b3JyZW50LTEtOC0yLWJ1aWxkLTE0NDU4IjtzOjQ6InBhc3MiO3M6MzI6Ijg1YjRmYmRlNDI3NGRlMmJlZDBlZTQ3M2NmMGY0ZGM4Ijt9

http://storage1.dms.mpinteractiv.ro/media/2/84/12689/3941607/.../utorrent.exe

http://s10556.chomikuj.pl/File.aspx?e=pZSu-UCvc6uOUJqOxWzxgQk2RC_Vsn1rcZY9O-5kqoGR1PdpJ7-2cS9LvmfRQI0W9rr_0EGOgd33dHOGgoYjCXH6WmuEBsKpENOiPYeDCCBEatoDG6oa3gVgPiT9cuh0xGnv4cRHA6pVF5BLthizTw&pv=2

http://www.sapilot.com/marwanhamed/.../utorrent.exe

http://s10556.chomikuj.pl/File.aspx?e=pZSu-UCvc6uOUJqOxWzxgbTcDGOghfjTcrOHu9mFce16UCedfh2DknK_xw-_mNvOS6WzuWYxsx-e4Agr1Xb2m--WhSDE7zzB_-tSFPe7zrqE6p9woQXnptpBrwjHh36VlJSu9J3KYvDwlBkCR8jBYg&pv=2

http://www.go4it.ro/.../3941607

http://www.xbox360-flash.com/.../utorrent-1.82.exe

Scan utorrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.