uTorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. This file is installed with the program µTorrent. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
BitTorrent, Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
3.0.0.26473

MD5:
a232c210b4bcac6fdba0d4c990d9a1a7

SHA-1:
f4dacada8286795589f51dae06e1b4522a1baaf0

SHA-256:
78e137e8620302243e8b11c136a8fdf0bc3ce96db1969acce5f0241ff4157bd4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 9:26:51 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Variant.Strictor.46875
8.13.12.26.04

File size:
627.4 KB (642,424 bytes)

Product version:
3.0.0.26473

Copyright:
©2011 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\utorrent\utorrent.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/21/2010 2:00:00 AM

Valid to:
7/27/2013 1:59:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36BC30562A650AFAA5AD101ECD643AB4

File PE Metadata
Compilation timestamp:
11/17/2011 1:46:46 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:11A2yqpZTqKqbDvZ5LxtEaA3hqjUYVzSLar7CeqqvoSfD:11AXqMB5ttEpxqDVbaeqGD

Entry address:
0x17A1A0

Entry point:
60, BE, 00, A0, 4F, 00, 8D, BE, 00, 70, F0, FF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 81, 83, 17, 00, 57, 83, C3, 04, 53, 68, 99, 01, 08, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
516 KB (528,384 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
"C:\Program Files\utorrent\utorrent.exe" \minimized


Windows Firewall Allowed Program
Name:
C:\Program Files\uTorrent\uTorrent.exe


The file uTorrent.exe has been discovered within the following programs.

µTorrent  by BitTorrent Inc.
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.
www.utorrent.com
12% remove it
 
Powered by Should I Remove It?

The file uTorrent.exe has been seen being distributed by the following 21 URLs.

https://dw.uptodown.com/dwn/E_E40sms2C0FqtKIWAKrksxmWXAbrnhKswiPb1GimdFtCFmqrAxenhtuUzadNp5JDjK81stufUZZviT1nHGkczbv86jXCnlf99iSQHoMnen5E0PaCOaQ51PF8MEzQFQ4/JIgU6uQiW2GNF7_TTEo9Y-5hScFIZxQBWs3c9vZoAxx3BOimoEYDd5x_KtcCeBOxtdnDJaYC7-qysTFhaezb9rlCwleryuCMgzLq69wmoPMlg5c4nYSPKYPDFsJCVwzN/oUkmt4O69Ch2v6rfriOYAwvq10_N16Pux809kvQAEJT-mxh8zu0wbsPJnfFnOqxoOq-AKd7dhS6NhzXQFh9adzWx_Xyt9cDW0vtYTGjynEx1XdOa5TzNb2zj_0O4fola/.../

http://205.196.123.47/fytzdd3vbjsg/.../uTorrent.exe

Scan uTorrent.exe - Powered by Reason Core Security