home

BitTorrent.exe

BitTorrent

BitTorrent Inc

This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘BitTorrent’. This file is installed with the program BitTorrent. The file has been seen being downloaded from download.bittorrent.com.
Publisher:
BitTorrent, Inc.  (signed by BitTorrent Inc)

Product:
BitTorrent

Version:
7.2.1.25157

MD5:
b0198d0819a69494e834866516af9ac4

SHA-1:
205773f071a99c98b2a14710e4d354c69a78c028

SHA-256:
1f8f854d86f85adde9e5e4428ae762d25f4c605ec3937f5b4c8ef4216699ed5c

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/27/2024 1:37:31 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4246

NANO AntiVirus
Trojan.Win32.Chir.crqdqw
0.28.0.57380

Trend Micro House Call
HV_ZYX_BK0840C6.TOMC
7.2.25

File size:
393.4 KB (402,808 bytes)

Product version:
7.2.1.25157

Copyright:
©2011 BitTorrent, Inc. All Rights Reserved.

Original file name:
BitTorrent.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\bittorrent\bittorrent.exe

Digital Signature
Signed by:
BitTorrent Inc

Authority:
VeriSign, Inc.

Valid from:
6/21/2010 5:00:00 AM

Valid to:
7/27/2013 4:59:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36BC30562A650AFAA5AD101ECD643AB4

File PE Metadata
Compilation timestamp:
3/31/2011 5:30:11 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:0u3XfhvvnHIGA1BxH6/zMwr4zIW5Mpeln5orOa/yqr9wD1Ou4GoSHnaX:RHfhvfIVDqtrPNpej+/yqpk1OEoS6X

Entry address:
0x100740

Entry point:
60, BE, 00, 60, 4A, 00, 8D, BE, 00, B0, F5, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 9B, E0, 0F, 00, 57, 83, C3, 04, 53, 68, 38, A7, 05, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
368 KB (376,832 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BitTorrent

Command:
"C:\Program Files\bittorrent\bittorrent.exe"


The file BitTorrent.exe has been discovered within the following program.

BitTorrent  by BitTorrent Inc.
BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.
www.bittorrent.com
7% remove it
 
Powered by Should I Remove It?

The file BitTorrent.exe has been seen being distributed by the following URL.

http://download.bittorrent.com/.../BitTorrent-7.2.1.exe

Scan BitTorrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.