home

ro_setup_0506.torrent.exe

BitCometLite

www.BitComet.com

Publisher:
www.BitComet.com

Product:
BitCometLite

Version:
1.8

MD5:
53f1093d17d598cda56bce543971416e

SHA-1:
bf220820e94740a08683a146e45a865118cef89a

SHA-256:
75f680374105d1f618c2c8241a71e1916d20de36392c39e010572513d486b055

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/10/2024 3:46:19 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
Heur.Suspicious
17074

Dr.Web
Adware.Downware.3272
9.0.1.05190

nProtect
Worm/W32.Qvod.4616192
13.10.08.04

Sophos
Virus 'Mal/Generic-L'
5.23

Trend Micro House Call
HV_ZYX_CA2528F2.TOMC
7.2.66

File size:
4.4 MB (4,616,192 bytes)

Product version:
1.13

Copyright:
Copyright(C) 2003-2009 All Rights Reserved.

Original file name:
BitCometLite.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
7/29/2009 3:14:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:1oJ2L+3BooAXVvC26S67dvV0pY9ahNUvWP7vkV9eh9RAIGOmnaV:SJ2L+3BooAXVvKS6ZvV0prUJk/RAIGO3

Entry address:
0x14D84F

Entry point:
E8, 68, 56, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 50, D2, 74, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 85, C0, 5F, 89, 45, FC, 5E, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 64, 43, 74, 00, C9, C2, 08, 00, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B...
 
[+]

Entropy:
6.5719

Code size:
3.3 MB (3,420,160 bytes)

Windows Firewall Allowed Program
Name:
D:\Downloads\20110520_01\RO_Setup_0506.torrent.exe


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ec2-54-213-173-26.us-west-2.compute.amazonaws.com  (54.213.173.26:80)

Scan ro_setup_0506.torrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.