uTorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. This is the uninstaller utility registered in the Windows Control Panel for the program ?Torrent by BitTorrent Inc.. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
BitTorrent Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
3.4.6.42094

MD5:
570193297a02d9332c1122c1c7b756ef

SHA-1:
d7dd91fc2fb198a471f13588f0892e6ebbc2b594

SHA-256:
bce6f6ebd0c282a4da9bcf1732998c26d491847783aa784db7d9fafc5bee2af0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 7:15:31 AM UTC  (today)

File size:
1.9 MB (1,959,424 bytes)

Product version:
3.4.6.42094

Copyright:
©2016 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\utorrent.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
1/21/2016 7:00:00 PM

Valid to:
9/3/2016 7:59:59 PM

Subject:
CN=BitTorrent Inc, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
59123D60D39E60127D6B456A62C9DEAC

File PE Metadata
Compilation timestamp:
4/1/2016 3:38:20 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:R4wjm8uP/lT0YyEaoT1F1bFHF0wRJZrjNAXodfx1m3:Caal9TttlPBjNAXodfm

Entry address:
0x4EBF30

Entry point:
60, BE, 00, 00, 73, 00, 8D, BE, 00, 10, CD, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 10, 9C, 4E, 00, 57, 83, C3, 04, 53, 68, 25, BF, 1B, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9836  (probably packed)

Code size:
1.7 MB (1,822,720 bytes)

2 Program Uninstaller
Program name:
?Torrent

Display publisher:
BitTorrent Inc.

Display version:
3.4.6.42094

Uninstall string:
"C:\users\{user}\appdata\roaming\utorrent\utorrent.exe" \uninstall

Program name:
abdou

Display publisher:
BitTorrent Inc.

Display version:
3.4.6.42094

Uninstall string:
"C:\users\{user}\appdata\roaming\utorrent\utorrent.exe" \uninstall


3 Scheduled Tasks
Task name:
{8599B96A-B88B-46FE-A4C3-FA139CDF3715}

Trigger:
Registration (Runs on registration)

Task name:
UTORRENT

Trigger:
Daily (Runs daily at 03:05)

Task name:
torrent

Trigger:
Daily (Runs daily at 12:20 AM)

Description:
torrent


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
"C:\users\{user}\appdata\roaming\utorrent\utorrent.exe" \minimized


Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
"C:\users\{user}\appdata\roaming\utorrent\utorrent.exe" \minimized


565 Windows Firewall Allowed Programs
Name:
C:\Documents and Settings\ADMIN\Application Data\uTorrent\uTorrent.exe

Name:
utorrent.exe

Name:
C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe

Name:
C:\Documents and Settings\Misha\Application Data\uTorrent\uTorrent.exe

Name:
C:\Documents and Settings\User\Application Data\uTorrent\uTorrent.exe

Name:
3.4.6_42094.exe


The file uTorrent.exe has been seen being distributed by the following 50 URLs.

http://dw.uptodown.com/dwn/JA3gjZ2KH73w-b8xkPMyRuKtFKIyPLanPZiWqhq33iuHFEVXqI_m7Q1ZDZDqtX3vW-Oq19807aCc7YhUdt_9t4hyxPmvxD2Fk32ylqmORfFayYwUki2xsBLIVcXDxTmP/X5pDS_xGPzwyYOK1j8U_MFr76eEc4mxmUJUXdEZ7rz7Ela_1GqLUTvajZVKqJ_Maz6e5KSp_T316Um9ybwKoW8lHTRw5Cb54orHOoIyLgX5eSxkQPIwELlWFCQ6uBsUY/.../

http://dw12.uptodown.com/dwn/mKWgePtatoUS7r2hZBR_XLZF808c2QBl-zMuaHlrj7N6fxu2fl_NmYBW2Bknyep8BIjCePQrY9ZpIiPsGh4PY--kzMFtTbvLxASwiT38Lat1Clo3f-vtl5Y4nOT6lDec/pbQbnQZIQFhFI6KOz_KoLOJ6UhkQDLhidABJUuA6T6EXuYmH9siY_SpOi7RZBu9g4imoL8iiJAEDfLS-90n1zqJGmyQzjiT1fx16wWWrGYZONWbHaaUwxNNqNmHSZpLS/.../utorrent3-4-6-build-42094.exe

https://dw10.uptodown.com/dwn/1tUP0nu18rK3Zo5SsuO1CuFr1GUoS3shazhHveoLmFFioyBujtktoC7hgFWueU4EGOq2h-wf0T8_HJLvjA1CUZLIu312rPur67cZGEeSOg08xZwasRW7W3nazBvlU2hE/t8wNSvD198uySR_vpgg48oYTL3SSyzEbMXpdyC0eVFCdqRrlMors5nDBxn5JIN4V3cqQ9mAxjLFLPbtlNmw5WTwAdHTQHqBP-AcBGheYVV6tgsdI30ZctFeFTfxkfHYA/.../utorrent3-4-6-build-42094.exe

https://utp.st/.../AAAAAFjha7kAAAAAVvECLAAAAAAFWZ3ONIHqvdHWFXoZEOEmteRFiw65SHRLUh1zKdm7sk0s0cnl1-xpafMwMfxTYzYPXxNQBuDKPiNVNSZUTwyUrNYa0fxG7KRztruq9vZ6b2EWEiW86NWmtqjjK1ZG7v1cRPFbMv2JQDTzKPsqhKfVbhNT0oz57gWDVq8ptoWiM4xiEhazQd6emstIeMg1Ri3ucaEuFQpB9_uxMWwRBMQg-SLbkSWJsSLQMPqjkBxGDx1ZFz72J9yXMitusnCx0LQCRBabhfxw8GegcwW0wjJibu5xgoB5Vyf5FrvbclqCMv4BB7nwiWe-0cgrDb560eWg_O2FfiFCBccIZLDX9U3pEH0ig1lgok_zq9GTWYIXrL6jJPPyeCzQW-g=

http://dw.uptodown.com/dwn/XblvlVflJywOpazw4QGqRN0-ioyre6AgOPZDMi6CXwnsO_465QUZzDAgEv2Tzf-OtX0Z_CdPGDeTeMe8Z180UVe33gEPT8PC3s42eu_gWckveH4T2XP1rdWiVLeuOMFy/K-5pLaDhiWI_X5kuuz8GMOhbsCCxH3VOWgncLDoCR6iMFbrK08DWkKyNVMFoFCw3jMLl77V_6QtSezNZkr2XeCMbWPIDX6ik85wmRk39OYESr8li7U-lkKy1ma8Bri5B/.../

http://dw1.uptodown.com/dwn/0kRZ3e_JkSO44IHa6DEYMEGmUf--7m2d-Te69tP_2WZOgwu8XKdOgZS5lgYP4hJSNKal4755ftBZH9Utm52YzC8HcbafEZzEgnkTfsXBrsoCkNpSZ2PZ2Qj1tlpXCIhe/GGge6OqoUofLfm1RMF6L4onZaFgFtuIkZgBwSsnCFIsAHbM9uzdTdjsXFqA9qLEzJv5Nu-n2_kRSnDwBr6egqtoRJMtB8nmQLlVIeeoxk0TNQeN78dlvrO40qAMF_2MN/.../utorrent3-4-6-build-42094.exe

http://dw.uptodown.com/dwn/CLo34yqYDBV5zv5ckhMpv43_Ia1EbVAMQjzTpY0ngQJ1G7AZjyTmGMaE8IFy2Q0UNiQddYb3N_kDkhgeZSRb7knnukpQUny5ShDLh7FVB5t6zKiJNtBR5Sf-2KLLNEcu/6K2Fzbjm1uQTSwLAX8EF0zNNLSteiCyYn30s5jAvKXIx0kZH_AkxXq_mSsnxeUlhn-vhfQd66O5kgu8tiLqGzwMLwfeTpOfLl20xrV8_nTbKDle1bAAGfEVoKKKHjrc5/.../

http://filehippo.com/it/download/file/.../

http://dw.uptodown.com/dwn/PkyzeaF_UPhCif_WPOoFSHdFXrESsKpOhp6HRbp4QWkoNT2ZbdWUTWOUAo9ajcri75OXoXcMEdG9sakOTdTdhoNX7pkWMc40PyvU1DjiLgY7KcDzqjX2AV-YC6njKVlf/CN1EnKBODdn4pAAkjXAnvOLDzX6EUyMyoSvRNx7vbwTuZ2ZNE9V6jJ-B8DkrWZYS-1EJvkuSUf0seIzoAZ_27YX1hQas44Lv4vIwkHIhQnp-QuN_Eb1rEa523-RV-eWQ/.../

http://dw.uptodown.com/dwn/yGYo4E_PJIhWwHpTMFa9sraAk5Su2SWiIlT1x9L2cIEkueLuX8hK_gdSzNsPNsv2fKzUdijCHHnJoQacVCWaK4iqJYLm7SAnAgXtZyrfV1aYN0lVuhSc3uljjepTAiyn/JDy-9JUlnALkAWfQVAtPjkTI5-af46nKCTka6gNvFGyCAq_h4-F1lahsxjK7vcc7_zdiLGFvKK6CefGQq7h-LLLxTka2SquMhH-AaqS8A8gltNYgPxeTzqApQqXt_NFZ/.../

http://gsf-cf.softonic.com/8e2/a07/.../uTorrent-3-4-6-build-42178.exe

https://newyork.proxyserver.com/proxy.php?urlid=C2MHRSPwvZq62RCyr2gdGCqyn4U1kND7qvLLWykdj*0=&

http://dw.uptodown.com/dwn/bnu6OahskaAZvQbYyf0PNkNTPc_gXSVLfgQHZWpKBPY-PpHNGedoqX9LC-jJw9IxUc4xprjOr7F1th6Ry_06cZSIOZDXAd1y7fDImx23iRz7Bvy-IFBXysJQuH7aYQRO/TjkTlpFePeYWOfArl-P4byX8tAslkOuHc3TJz_YhauvQSZIv1qZwVmA7SdhPq1NwN_s2Xi7R4UTm5EpEb3nKJTf5q0-dp7jGKFWpZ6uxG6pfXNLd-j6o6P7nek21WTzW/.../

http://dw.uptodown.com/dwn/yYFIabOmljI9D2d0GOhd6lJGXLA_HQya6gmOdvwGfq_uHeWiuwHaXHI9EkyHuYVf0F_1j6T8EbPhsvBaICdi5oqqZGtTtCeJYRd6xQWhyCdkAVgP_3ImReer9AxpaXIE/eCjgNR67w4WNgolRvl1k64aTizBQWwYFCPaL2tXd62Jw7qThvpOaFbxpP-o14Z9-MMLlvZ50umBOWK4RVJ655ffBaxhA5owq2Lc7bdwMWAt_Yp_ewk7geD3qyrf2knnj/.../

http://dw.uptodown.com/dwn/vz6xBeDB6IVj39FNsbGPjfk2AxSFGns7RxTSAjXamOWVb7huuiUGj5xUFhDU8IOnA71y_7OxRq3KqVE6ziRB-Yv2sFPsDVQ_nFWOw3Yf4LTYwafmQRUBtX8z42LgQ-Z1/XTp5drmBH_jq_c38hBHJ_sP_kNHTbnq4GVaw6Wiw9zouvSwP0K234LqOGP7k7bM0VXUKdsMZV7TkrzSoZFOZQlqgrvIvOnspzSxfTfWUx4tQqAj2y4VqcXr8AWry8FPT/.../

http://dw.uptodown.com/dwn/p5bF5Ltzt1xnXUAvz_iknvK9VW2PC7m767FNGx_g1ceqOTxObDl37KyykuHHVrKg4RICRQuFsybGLhiGMoRHiB4gXfu-EN_TX3_dQGUFJ1s5ru1-Bnq7MsKynp8g5HBl/h9fZK5FGUxyeoDvnQZ6xeGPERajZw5y740H6fGzNe8eC6WAlZjVyIpohl_McdAKBdL_0FY8mpHUJL49HN2afwg57_i6y1VRAR7Jc4QrOSdtVMGS5cwSH_1Kn2O1XM0yA/.../

http://dw.uptodown.com/dwn/WNZqU6cg51172USrDXgRbOEDenMm6Qj1Jc3hhO89WUFcokWYVNBt9YM9vtwEKhpVywmEo05qy6S3dFogdDlZY7GkmyywRH8ziw3IuwcbvbQVYoVFeH5bb-HPGcAEOsu_/smoXbHhZS4QOl9q5d5PBKzzlLjPi1TrQad55oR02OWNHLMPXuNtYOe6Ici7nCXNaJFDmlV7CaIVM2brEkpGjNOjWuokPU1qHlpmBINVXkvbk8jm7QEQLg9wk31bU55UZ/.../

http://dw.uptodown.com/dwn/O_wMv9achjIF5-DyZCWY6FabzppRt2WjO7dqAWEIxKpdA8RCKMFdNuvbx_kwSxmFLpzHjIUG4OB001Of4ko46EKdJnhTW8hPRQDmI3eWLAqzuajhwmaDKDeGTUUOeky_/T3GygCIMbiu1hJuCBC2Plp64DTcFSdI11NuAfjPTdcvu6ehu6HtfQ1D8vtgB_1XDJ1IuSMSo1_-g7RYZuO-KPyg8z10bIWedWtXytUUMroAq3FNlXqlS2DggqM31JSLF/.../

http://dw.uptodown.com/dwn/FtMeuFF3-CUCi5qmQGTQKL-PInQOco_WiSyIfvBFtbR2uyUKxY-TssdAI7JI6cmiAc2d1uY8Y-PSfsa33EsqNWVCG1SK_EIQ-9sW4b2vZ_8J_AIdcBgAyebHnuDTYRQ0/F1u2gJH701zEjBbGhdSOEPtS10PqI9G6SUdGh-pLFHzmx1KeuNT2A2wj1jndriPEm0Dda0erIVkncU0SkW_ak-AkSE9R0vXvMbKCj5ByamZEr-ucctb3BDkI2g34NxSy/.../

https://dw.uptodown.com/dwn/ZFkaxR5SCwu7tsBQeiZEfvHFvcFpZLW8g_Td_BsKZArxSNRxAuI9FyjOYthd3lm916yTzoZctzk6vai0Y2BGLqnIH_qIJWr8acbO1HEEdYDO4B1gUlSfcllVluNEItjk/-IEqM69ezFkEzFxqZjmS0mp7-b-Jjqr0fMKW2s44g3Fs-x5OsLBBx7BgESYdfRYtOP9vHCMXHAqbq2niTKNLrVa0gqgAW9QQzR0gEs781dxh_gQKZFzlw6cyNt57eL0w/.../

http://dw.uptodown.com/dwn/IPrrqFapAxHOf23nHadixzz2qD9sO9y6SZ9GYCcLGZrZzCBeEeOqZ3W6W36m-j_Iv6KNsLDCG8K-rJWJtHVPKqGHVpJrHSUvf2XjbrePUSfNEd8bU1eDpILSH7vn-zpj/vtElCtnQMX0bl48eKsJToR1BQh3vtRWgn9nldA1tU2cTBHk2jUD2KnhOsiGhTXQuaI7VfMXv3aCZYypBtnwc6Yi4Wv8CCBwr6s0FKpE0sPLTaR3Mp7r3MZjKSF5ro_BP/.../

http://dw.uptodown.com/dwn/gc7PN-jMjUVAlNCmVs_41FLQGcqLLYubY4ANjh_d-7Gb3kz8u4kHPfLmnjMGDfEIbQVs70rqDmaUXfo2fQJNmzCHTlC-jKXttvMBCg6FLZNrui3yx8AMtBXJck8JUO_8/6uLeBZUYgB4F1vW9yyee7aD9gN8IsiZpsHcnDuNyv52-Wm4euSTPdJGT9iP1-J2tFR-hn7QnFwH3YQD0RKQyLw7N6Sn-1gqcam6T6LribAFSYNSyHu8Q37LnLteC8rzy/.../

https://dw.uptodown.com/dwn/7EX5V0gY4L6yT842A53cGyarBhiMyv_sUqSsB4Os7FtzKJXbi5S8vL6hAa6is-clMmR9MMfC6pOP0c6zOPCY2CGxMNLlf0bQtDq-oWRS_-DBaRg6bf5huiXuERfZxc-O/6gnIG4YFqiN0-X_MqJInBSGhKsj2geKnOOodHBvCDworTGSRYDJniym7ydz3aNob9s3aX1xsT3bNLIp8kyvc2QTgtKyUHbNNKApbBENnkUVi0xw3WeDiYlL2mlMSqTQq/.../

http://www.commentcamarche.net/download/.../download-196-

http://dw.uptodown.com/dwn/5sr_cuGNSmxNzgLJi5NyEaImiaWI9Aqdb1PFsMk-vvJfKxdehNw4kihBcRwWn2XxY31iurFrDn5QTvp4JzSuVkS-h934R8AQV7B6l0oE1suDueH1QwwjKTkuBU6llwxf/GA-a0nw2ZA0Qyezsp0CqSnWi41-VdYM6zR1fC1kihmLCPohrLZMyZiltVUDtTjYhLi8U8r1N5e0FzneHCDx2EIJZGRXEprUwbOLpuQZy5h3uk-rb8_LfRIdvRoezFnu-/.../

http://dw3.uptodown.com/dwn/mpFKyCtbRmSfJTcgr9l3B_RGgDiHrCu5IYPQJk-AOMaooXb9eQANph-cITKca1Q0e4t7pWiYwPyxP3ZaJpmVVyNbLxGuOHVIEG-idQaajZqTpksPj-Ko5-qhrUCitWCt/MvweWBC90ea4cmkDalaZiLRLWxf-poKoTZmwhgDSrGwTuaBaidiGo823Eej7YXJJXNNdxb91SAzUtXXxPxDcHWzfOreGzlL11iCniq9NsbcZ9KDu1qG285Uk5E174ARM/.../utorrent3-4-6-build-42094.exe

http://filehippo.com/download/file/.../

http://dw.uptodown.com/dwn/oqZ0TogeDVj3mVlLnD1Jir3GXQ9WjnZiiIiP6EQgoID3Vdw3DLGCSt8TojcYf2OsdRVGY1oVUM6k_W3ajdboCRmMA4tj-hJieRCh7JtWmTAlHVhBFfFJXkUoLozNdzFr/I44LFEjyDcv3Kq_KfCBsLvUmAD3At6JitT1dctAYrfdSsMEp9aeDzSHwEIeFGdyny9NMM1PqZ03vs5rs4BDt7TuRwGHm55Fxwixyay_bx53RNyr_QOqqYHn-D6jdoOPY/.../

https://dw.uptodown.com/dwn/pxzw88jlF0U1Jaw61C_R15TuWFmdV3TRTqexIkZNfPbfY320pO4k9nHUjXOuA03hIhRAb8tfeYhjsusytfkNns729JNVEIIf3y72rPb70PDbfJrBjO28ljan5tGvfSLC/aOSP-Y62Wk7O1XoflJGo-wYLkGTFsjO80u1OOxYOwJu15m_KiPljTDb2qGqFmH_ieN5NLnwEXPMtJqumcQzSucnsmEGAuO9bs4W-sN00rlQM8zBry_qczGSA3s4sluWg/.../

https://dw.uptodown.com/dwn/tGslaxGW2DgXNn-IG9uuZkbteMNHv7VBwdcq7IPxg8J7mu5UT67FEkiKZepmm8oPkVrVO07HN-X40ebJiH8W-okTLq-UJsTaFVvhGVUi77SV4mSByM5mjTYU36TWp12f/Xv3ntfzwGawNEB3kGweAZf4X1hkYo1a-M8PnTp4875vkCbD4l7TKCH154ak6SIS_XGsF71J5UhVcEY6zaVMTcH8hvHq9JDY7OChDtzc5aV3YNKkAGuIPiB5jdY8pdMmP/.../

Latest 30 of 866 download URLs

Scan uTorrent.exe - Powered by Reason Core Security