home

torrent.exe

Windows NetMeeting

IT River

The application torrent.exe by IT River has been detected as adware by 31 anti-malware scanners.
Publisher:
Windows  (signed by IT River)

Product:
Windows® NetMeeting®

Description:
NetMeeting®

Version:
5.1.2600.2180

MD5:
6c1a72ae6074f4ea4284ae8f55dfec14

SHA-1:
24c2bd47ca9fd81cacf78cf0fed3f44ac62b7e01

SHA-256:
9dfe1f95f3e2995de05c983765043b538c52a0cbd1c6af291c6d2e9a23d43f5a

Scanner detections:
31 / 68

Status:
Adware

Analysis date:
4/26/2024 12:49:37 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Heur.Krypt.12
355

AhnLab V3 Security
PUP/Win32.LoadMoney
2014.08.11

Avira AntiVirus
TR/Kazy.370902.A
7.11.165.192

avast!
Win32:LoadMoney-FP [PUP]
2014.9-160214

AVG
Win32/Cryptor
2017.0.2833

Bitdefender
Gen:Heur.Krypt.12
1.0.20.225

Comodo Security
TrojWare.Win32.Kryptik.BZSP
19148

Dr.Web
Trojan.LoadMoney.262
9.0.1.045

Emsisoft Anti-Malware
Gen:Heur.Krypt.12
8.16.02.14.08

ESET NOD32
Win32/Kryptik.CBAJ trojan
10.7.0.302.0

Fortinet FortiGate
Riskware/LMN
2/14/2016

F-Prot
W32/A-7ea623cf
v6.4.7.1.166

F-Secure
Gen:Variant.Kazy.409797
11.2016-14-02_1

G Data
Gen:Heur.Krypt.12
16.2.24

IKARUS anti.virus
Trojan.Krypt
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.183.12998

Kaspersky
not-a-virus:HEUR:Downloader.Win32.LMN
14.0.0.661

Malwarebytes
PUP.Optional.LoadMoney
v2016.02.14.08

McAfee
Program.PUP-FNB
5600.6489

Microsoft Security Essentials
Threat.Undefined
1.179.2640.0

MicroWorld eScan
Gen:Heur.Krypt.12
17.0.0.135

NANO AntiVirus
Riskware.Win32.Krap.cypjlh
0.28.2.61349

Panda Antivirus
Trj/Genetic.gen
16.02.14.08

Quick Heal
Trojan.Sisproc.A6
2.16.14.00

Reason Heuristics
PUP.ITRiver (M)
16.2.14.20

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.16212

Sophos
Mal/LdMon-B
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Kazy
9323

Total Defense
Win32/LdMon.JNOBUX
37.0.11111

Vba32 AntiVirus
Malware-Cryptor.Limpopo
3.12.26.3

VIPRE Antivirus
Threat.4823650
31208

File size:
295.3 KB (302,392 bytes)

Product version:
3.01

Copyright:
1996-2001

Original file name:
conf.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\torrent.exe

Digital Signature
Signed by:
IT River

Authority:
COMODO CA Limited

Valid from:
2/25/2014 6:00:00 AM

Valid to:
2/26/2015 5:59:59 AM

Subject:
CN=IT River, O=IT River, STREET="Obolenskiy, 9", L=Moscow, S=Moscow oblast, PostalCode=119021, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0F02E0C593A3B9A15B22F5853C90D66B

File PE Metadata
Compilation timestamp:
6/20/1992 4:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:VDiRU8t47aoe8eLmEiG/GM0WHGWcgRgrI5n+a4:VDcBtYlCJ/GM0CLpCcsB

Entry address:
0x1000

Entry point:
E9, BB, FF, 03, 00, 89, 3D, 69, 20, 44, 00, C7, 05, FD, 20, 44, 00, D4, 05, 01, 00, 83, C1, 56, 89, 3D, A3, 20, 44, 00, C3, 90, C3, 8D, 40, 00, FF, 25, 24, 20, 44, 00, B8, 20, 10, 40, 00, C3, 89, 3D, 69, 20, 44, 00, C7, 05, FD, 20, 44, 00, D4, 05, 01, 00, 83, C1, 56, 89, 3D, A3, 20, 44, 00, E8, 0A, 03, 00, 00, 89, 7C, 24, E8, C7, 05, 15, 20, 44, 00, BA, 41, 01, 00, FE, 05, 50, 20, 44, 00, 29, 1D, 37, 20, 44, 00, 66, C7, 05, C1, 20, 44, 00, 7A, E0, 89, 3D, BF, 20, 44, 00, C3, FF, 25, 48, 71, 44, 00, 8B, C0...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
256.5 KB (262,656 bytes)

Remove torrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.