home

BitTorrent.exe

BitTorrent

BitTorrent Inc

This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘BitTorrent’. This is installed with BitTorrent. The file has been seen being downloaded from pf.dlcvit.com and multiple other hosts.
Publisher:
BitTorrent Inc.  (signed by BitTorrent Inc)

Product:
BitTorrent

Version:
7.8.2.30571

MD5:
1eb947aa3fe21e7fe8421addabfda8e7

SHA-1:
c3d540000313f3e3106fd1a81758f170252f3894

SHA-256:
a16eedaa444f81bb882d65b9546aa9b030cb8f3c63804a52542e1964a489510c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:51:45 PM UTC  (today)

File size:
1.4 MB (1,516,120 bytes)

Product version:
7.8.2.30571

Copyright:
©2013 BitTorrent, Inc. All Rights Reserved.

Original file name:
BitTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\bittorrent\bittorrent.exe

Digital Signature
Signed by:
BitTorrent Inc

Authority:
VeriSign, Inc.

Valid from:
6/5/2013 5:30:00 AM

Valid to:
9/4/2016 5:29:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5732C1574E6AF828E1B4F93ABB34ED08

File PE Metadata
Compilation timestamp:
2/8/2014 5:35:10 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:9r9s8n2AlMaf577foYpozEMyj33NbCwzBM+K7jHxUuzXSAaEVjjHqeX:Z9rnPlH5TpEEKwzC7L7SAvJqeX

Entry address:
0x268140

Entry point:
60, BE, 00, 30, 5B, 00, 8D, BE, 00, E0, E4, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 97, 65, 26, 00, 57, 83, C3, 04, 53, 68, 3B, 51, 0B, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.6250

Code size:
728 KB (745,472 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
BitTorrent

Command:
"C:\users\{user}\appdata\roaming\bittorrent\bittorrent.exe" \minimized


The file BitTorrent.exe has been discovered within the following program.

BitTorrent  by BitTorrent Inc.
BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.
www.bittorrent.com
7% remove it
 
Powered by Should I Remove It?

The file BitTorrent.exe has been seen being distributed by the following 4 URLs.

http://pf.dlcvit.com/s/2/.../25836-674419-bittorrent.exe

https://docs.google.com/uc?authuser=0&id=0BzbrAUNmu9a7bm1ybDdpT1FSSkE&export=download

http://download-new.utorrent.com/endpoint/bittorrent/os/windows/track/.../

http://bittorrent.softonic.it/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOr4H8WGS0ui81ErVUowZ5WCbkjnxG7FtUEkr4Rz4O8FWpoT/XYxME6H53szeVF37LUZjJpXI79bpu206u/.../DEk08XSJ4anWzAdm7GMB6 ROZyb3k3bZ0Lh4T4UZ44J7Ieq0w==

Scan BitTorrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.