uTorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. This file is installed with the program µTorrent. The file has been seen being downloaded from software.oldversion.com and multiple other hosts.
Publisher:
BitTorrent, Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
1.8.5.17091

MD5:
97674ad10c95902d4f1cccc8953c753c

SHA-1:
981d51da3c6262d1889063a5efca27c6c6ee949d

SHA-256:
ce7cd9b8f03b0a7f73ad1571a9a7e33ab48f8b5c1fbcac297f1a2731ace397c6

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/24/2024 4:47:05 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Spy.W32.Zbot
2.1.4+

File size:
282.8 KB (289,584 bytes)

Product version:
1.8.5.17091

Copyright:
©2009 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\utorrent\utorrent.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/24/2007 9:00:00 PM

Valid to:
7/24/2010 8:59:59 PM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
68F0D3AE62D911B2B5843D297C166380

File PE Metadata
Compilation timestamp:
10/29/2009 9:30:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:Wk5Q/Riorb7ghEwqzOH18oRCCBB4cs38rhv1JkpordYlzRejT9ghO6P9BoS9:WriorbUBqzwj3DrXJn4zRejZghOYToS9

Entry address:
0xB0EB0

Entry point:
60, BE, 00, 00, 47, 00, 8D, BE, 00, 10, F9, FF, C7, 87, 90, 42, 09, 00, FD, DA, 64, 08, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 9D, EC, 0A, 00, 57, 83, C3, 04, 53, 68, 9F, 0E, 04, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Code size:
264 KB (270,336 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
"C:\Program Files\utorrent\utorrent.exe"


Windows Firewall Allowed Program
Name:
C:\Program Files\uTorrent\uTorrent.exe


The file uTorrent.exe has been discovered within the following program.

µTorrent  by BitTorrent Inc.
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.
www.utorrent.com
12% remove it
 
Powered by Should I Remove It?

The file uTorrent.exe has been seen being distributed by the following 21 URLs.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ1MTc0NjAyODtzOjI6ImlkIjtpOjE2NzA7czo0OiJmaWxlIjtzOjI0OiIxLjguNV91dG9ycmVudF8xLjguNS5leGUiO3M6MzoidXJsIjtzOjQ4OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uY29tL3dpbmRvd3MvdXRvcnJlbnQtMS04LTUiO3M6NDoicGFzcyI7czozMjoiNWEzYmI0MWQ0NjlhNWE2ZjU5N2VmZWQ0Yzk3Mzk2ZDIiO30=

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ4NDM5NjI3NztzOjI6ImlkIjtpOjE2NzA7czo0OiJmaWxlIjtzOjI0OiIxLjguNV91dG9ycmVudF8xLjguNS5leGUiO3M6MzoidXJsIjtzOjQ4OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uY29tL3dpbmRvd3MvdXRvcnJlbnQtMS04LTUiO3M6NDoicGFzcyI7czozMjoiMGIxMTE0NDBjNDE1ZDFmMmJiNjIzYjhhYjI0NzhmZTkiO30=

http://www.ex.ua/.../488832

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ2Njg2NzI2MjtzOjI6ImlkIjtpOjE2NzA7czo0OiJmaWxlIjtzOjI0OiIxLjguNV91dG9ycmVudF8xLjguNS5leGUiO3M6MzoidXJsIjtzOjQ4OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uY29tL3dpbmRvd3MvdXRvcnJlbnQtMS04LTUiO3M6NDoicGFzcyI7czozMjoiN2IzMWYwOTU2ZDk2MzliNjJmOTM0MzUyMTVhZjQzNDciO30=

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3MjEyNzA3MTtzOjI6ImlkIjtpOjE2NzA7czo0OiJmaWxlIjtzOjI0OiIxLjguNV91dG9ycmVudF8xLjguNS5leGUiO3M6MzoidXJsIjtzOjQ4OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uY29tL3dpbmRvd3MvdXRvcnJlbnQtMS04LTUiO3M6NDoicGFzcyI7czozMjoiMTU4YTRmYWY4NDY1M2E3NWIzYWVlN2I5N2FmZDY5ZDQiO30=

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NjU2MDE3MDtzOjI6ImlkIjtpOjE2NzA7czo0OiJmaWxlIjtzOjI0OiIxLjguNV91dG9ycmVudF8xLjguNS5leGUiO3M6MzoidXJsIjtzOjQ4OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uY29tL3dpbmRvd3MvdXRvcnJlbnQtMS04LTUiO3M6NDoicGFzcyI7czozMjoiYzg5NzNjMWRjMDQzOGQzYjU1MjFmNmRkNTYxOGI1MTUiO30=

http://www.computers-bg.net/download/.../utorrent-1.8.5.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NDAyODYxNztzOjI6ImlkIjtpOjE2NzA7czo0OiJmaWxlIjtzOjI0OiIxLjguNV91dG9ycmVudF8xLjguNS5leGUiO3M6MzoidXJsIjtzOjQ3OiJodHRwOi8vd3d3Lm9sZHZlcnNpb24uZnIvd2luZG93cy91dG9ycmVudC0xLTgtNSI7czo0OiJwYXNzIjtzOjMyOiJlNDhjMDNhZmUyNGI1ZTk5NmU2NWM5ZTNjOTZlODQyOSI7fQ==

https://polishtracker.net/.../utorrent185.exe

http://s10122.chomikuj.pl/File.aspx?e=hFV8sT70xsyC0kPmfuBMs___VX9ufins36ABcykmBmuMCfkgPA-Joxy-wvr_fQyymbp3XkfZuoAOQ0IwKkvUpct32FIlRiHhj8_AiLBiGmlcdrNRH-Jk5Wz-QWYcgG_C8qq1JPL6PREt3136k_8LHw&pv=2

http://utorrent.hu/download/.../

Scan uTorrent.exe - Powered by Reason Core Security