home

3.4.4_40911.exe

µTorrent

BitTorrent Inc

This is a setup program which is used to install the application. The file has been seen being downloaded from download.besplatnyeprogrammy.ru and multiple other hosts.
Publisher:
BitTorrent Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
3.4.4.40911

MD5:
8150d92888e57cfbc48119dd32abe7aa

SHA-1:
3319376d63663c6fb678884d226ff3851895bbca

SHA-256:
1f3b344b3755892549e319906c721603388722d436648067322f8b5090a1ac28

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:07:44 PM UTC  (today)

File size:
1.6 MB (1,696,096 bytes)

Product version:
3.4.4.40911

Copyright:
©2015 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\utorrent\updates\3.4.4_40911.exe

Digital Signature
Signed by:
BitTorrent Inc

Authority:
VeriSign, Inc.

Valid from:
6/5/2013 5:30:00 AM

Valid to:
9/4/2016 5:29:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5732C1574E6AF828E1B4F93ABB34ED08

File PE Metadata
Compilation timestamp:
8/11/2015 2:51:51 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:gAlErygtdN8ZWIHz8sMAhAFbD14ulqiDoTPN5Jqr3ymlP+/R834e3BaeUfYDVYtn:gAlEWgtTiZHMAmDi26PN5Wic+Ko2alHl

Entry address:
0x3FD200

Entry point:
60, BE, 00, 00, 68, 00, 8D, BE, 00, 10, D8, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, D3, BA, 3F, 00, 57, 83, C3, 04, 53, 68, FD, D1, 17, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9787  (probably packed)

Code size:
1.5 MB (1,564,672 bytes)

The file 3.4.4_40911.exe has been seen being distributed by the following 50 URLs.

http://download.besplatnyeprogrammy.ru/uTorrent_Rus_Setup.exe

http://bcdn.besplatnyeprogrammy.ru/5.html?parameter=uTorrent_Rus_Setup.exe&sect=1441243819&secl=FSoKjOk5Cnjog-GLrukbaA&clr=1

http://dl.downloadnuchaikainug.com/n/.../uTorrent.exe

http://download1487.mediafire.com/xvbinvcwnmbg/.../uTorrent.exe

q=http://download-new.utorrent.com/endpoint/utorrent/os/windows/track/.../&redir_token=mo7V6wNQXbYtm-12lUDRC8hRJBV8MTQ0MjQxMjA2OEAxNDQyMzI1NjY4

https://mega.nz/temporary/.../ip5CELZA

http://dl.downloadsireigheesae.com/n/.../uTorrent.exe

https://mega.nz/temporary/.../SNxUwT4B

http://filehippo.com/download/file/.../

http://i.download.idg.pl/fannef/fa4bb362866d82e120842900a48f867f/5606e2b3//vol2/w95/p2p/utorrent/.../uTorrent_3.4.4.40911.exe

http://utorrent.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fl6KIpqCjkZY=

http://i.download.idg.pl/fannef/d4b129184972c98122fae34fa643e032/5616306a//vol2/w95/p2p/utorrent/.../uTorrent_3.4.4.40911.exe

q=http://download-new.utorrent.com/endpoint/utorrent/os/windows/track/.../&redir_token=zg_r_oajvqxu5_wsujRh0k1STCZ8MTQ0MjE0OTAxNkAxNDQyMDYyNjE2

http://softmirror.ru/go?http://.../0AeNf9

http://download.utorrent.com/.../uTorrent.exe

http://download-new.utorrent.com/track/stable/endpoint/utorrent/.../windows

http://download-new.utorrent.com/os/windows/track/beta/endpoint/.../

http://storage.dobreprogramy.pl/.../uTorrent.exe

http://upload.az/getfile.php?id=54478&access_key=29229ccbcdd5fac513518920b1298e08&t=56af7943&o=F7F69A0461DE696DED7017CF8DF5CA63F1E99B0164D2776BF17017CFDEE1CE35A3BF9B047BDB1A3AA5390BB6F3F5CB7FF6F6&name=uTorrent.exe

http://xcdn.softobase.com/rozu2.html?parameter=uTorrent_Rus_Setup.exe&sect=1441676221&secl=n_ijnycZZarYzDACjIvrLQ&clr=1

https://onedrive.live.com/download.aspx?cid=D915B6BB4EE3A1B6&resid=D915B6BB4EE3A1B6!8190&canary=r3q7biyDee2LDXhQbmrUfzpVh coXz1s85 UmhemYaQ=5&ithint=.exe

http://dw.cbsi.com/redir?ttag=restart_download_click&ptid=3001&pagetype=product_pdl&astid=2&edid=3&tag=link&siteid=4&destUrl=&onid=2196&oid=3001-2196_4-10528327&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=internet/file-sharing&topicbrcrm=&pid=14452194&mfgid=6196618&merid=6196618&ctype=dm&cval=NONE&devicetype=desktop&pguid=962a59499dba6c179635b4d0&viewguid=XnOgwzPz8dfJlaS3ze1G-qJhbKkv9rvfYEYq&destUrl=http://download-new.utorrent.com/endpoint/utorrent/os/windows/track/.../

q=http://download-new.utorrent.com/endpoint/utorrent/os/windows/track/.../&redir_token=zezVPDYvPIaKdor1EpXZgtxeU0p8MTQ0MDc5NDQ3NUAxNDQwNzA4MDc1

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-JYWy5Nba-c7U4idBHapJWsIWkH93KjKnUuwCsXKvX3AAXXZatB9GHJO_HTyUk5IS/messages/@.id==ALN2imIAAEqMVy3yQgCcQJ2rJUQ/content/parts/@.id==2/raw?appid=YahooMailNeo&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBaBhqqNuOQHYtI8B08t-kMYYIOUif-ly_uBFThgJPOANJh98FgbDhx-wbI6thNC6HaldJA8i3vzfiNePJFcLA02&error=https://mg.mail.yahoo.com/.../iframemsg?id=97f401a6-d92e-f4d3-f132-ffee9d854363&ymreqid=d09b9b8f-99f1-0d92-0167-f10038010000

http://www.utorrent.cz/.../utorrent-setup.exe

http://i.download.idg.pl/fannef/d2eadcb981897655d1105469208439b1/562fa74a//vol2/w95/p2p/utorrent/.../uTorrent_3.4.4.40911.exe

http://s6242.toutbox.fr/File.aspx?e=j8aTCAQEVJMmT34FIwqy7g92Z-VUPEcnO5py7AeugXNtFhw1VRj8fcgvLTKNOJrNWhkwL1v4CGrG4HJ27hYymjbt7jzkwEBkjMrgmWIy3aA6lLSVBvSxvdJF0m4EsFHIkAa7xmyLuIsF_h3-VSE19Q&pv=2

http://download1853.mediafire.com/g9k6nb0371rg/.../uTorrent.exe

http://ftp-stahuj.centrum.cz/dl/f1ff7b979bf8ea0a6e6cbf5efd23219e/55dddec3/stahuj/download/software/secured/u/utorrent/344/.../uTorrent.exe

http://download1853.mediafire.com/7s1z832dke7g/.../uTorrent.exe

Latest 30 of 97 download URLs

Scan 3.4.4_40911.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.