home

bittorrentupdatesetup.exe

Trusted Software ApS

The application bittorrentupdatesetup.exe by Trusted Software ApS has been detected as adware by 7 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. It is also typically executed from the user's temporary directory.
Publisher:
Trusted Software ApS  (signed and verified)

MD5:
85a4fcfc9d64a20bf78f68c57b77c6cf

SHA-1:
74d73735eb3acfbb5abb28da2d6dd0ca400303ed

SHA-256:
de81a41ff3ff53d4c29a9277b5a232b7dd0f94ab386c10de0c54eb1a58da7e54

Scanner detections:
7 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/25/2024 5:58:07 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.InstallCore.540
9.0.1.05190

ESET NOD32
Win32/InstallCore.AZ potentially unwanted application
7.0.302.0

F-Prot
W32/InstallCore.S.gen
4.6.5.141

Microsoft Security Essentials
Threat.Undefined
1.213.6144.0

Reason Heuristics
PUP.TrustedSoftware.Installer (M)
16.2.14.18

Sophos
PUA 'Install Core'
5.23

VIPRE Antivirus
Threat.4788237
46938

File size:
1.1 MB (1,200,832 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\bittorrentupdatesetup.exe

Digital Signature
Signed by:
Trusted Software ApS

Authority:
The USERTRUST Network

Valid from:
11/12/2010 12:00:00 AM

Valid to:
11/11/2013 11:59:59 PM

Subject:
CN=Trusted Software ApS, O=Trusted Software ApS, STREET=Blomsterhaven 42, L=Holbaek, S=n/a, PostalCode=4300, C=DK

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
1DA7007608C324C640CE3FBCC9418735

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:o5SWeHgtja+Ke24eW0SMhmbFTJTZFdHuF/tCveKWEMpUgAdmLE6fjuZQM+OYkpVx:A9++UmbtPEwWEhggmLlf6ZrxpGr81lP

Entry address:
0xDA470

Entry point:
55, 8B, EC, 83, C4, F0, B8, 6C, D9, 40, 00, E8, 05, F7, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7320

Developed / compiled with:
Microsoft Visual C++

Code size:
885 KB (906,240 bytes)

Remove bittorrentupdatesetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.