torrent.exe

OOO IT Service

The application torrent.exe by OOO IT Service has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
OOO IT Service  (signed and verified)

MD5:
f7bd61edc12996b5e8e1eabdc81fe2fa

SHA-1:
beb3384c3aa0ba2bf7a7dad0959927596c9210da

SHA-256:
662f67520d82f23e85b0ea96e8b868128737b8cccccadd9e5577dad44cce493e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/5/2024 8:22:20 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.3.6.7

File size:
584.1 KB (598,136 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\torrent.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
10/17/2014 3:00:00 AM

Valid to:
10/18/2015 2:59:59 AM

Subject:
CN=OOO IT Service, OU=OOO IT Service, O=OOO IT Service, L=Moscow, S=Moscow region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7A7E5E3CC949C470ED95B81AD98FC138

File PE Metadata
Compilation timestamp:
1/20/2015 5:41:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.14

Entry address:
0xCE54

Entry point:
A1, CD, 08, 45, 00, C1, CF, 00, 2B, 5C, 24, 0C, 8B, 44, 24, F4, 89, CD, F8, 29, D3, 90, F8, C1, D2, 1B, 81, C2, B9, F2, D8, 66, 19, D8, 81, D2, C7, AF, BA, D7, F7, 44, 24, 04, 75, 51, BB, 3E, F9, 89, E1, D1, E2, FC, 0F, BA, E0, 1E, C1, EA, 1E, 0F, BA, FB, 11, 25, 28, EB, 32, 64, 19, F9, 13, 5C, 24, 04, 97, 03, 5C, 24, 0C, F9, 81, 3D, 03, 3D, 42, 00, 7C, 2E, 0E, 58, 0F, BA, E1, 00, 0F, BA, E8, 1C, C1, E2, 04, F7, D1, F7, D2, 13, 3C, 24, 41, 85, 6C, 24, F8, 0F, BA, F8, 17, 2B, 6C, 24, 08, 8B, 15, 57, 9D, 40...
 

Code size:
523 KB (535,552 bytes)
