home

uTorrent.exe

µTorrent

BitTorrent Inc

µTorrent is a free ad-supported lightweight BitTorrent client. This is a setup program which is used to install the application. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘uTorrent’. This is installed with multiple programs including µTorrent. The file has been seen being downloaded from blogattach.naver.net and multiple other hosts.
Publisher:
BitTorrent, Inc.  (signed by BitTorrent Inc)

Product:
µTorrent

Version:
2.2.0.24683

MD5:
761926d007a7e79adefb6752b119fde8

SHA-1:
316e158240117a58b04585ff4988f881aa3135f6

SHA-256:
63221e680059d2aef5f7779ce9bfd339093e644c063fdc06fee569c627a28631

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 10:22:29 AM UTC  (today)

File size:
386.9 KB (396,152 bytes)

Product version:
2.2.0.24683

Copyright:
©2010 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\utorrent\utorrent.exe

Digital Signature
Signed by:
BitTorrent Inc

Authority:
VeriSign, Inc.

Valid from:
6/21/2010 3:00:00 AM

Valid to:
7/27/2013 2:59:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36BC30562A650AFAA5AD101ECD643AB4

File PE Metadata
Compilation timestamp:
2/15/2011 3:25:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:P2D4e26sHOGEywFoMLsFA/4d3/swkZq2NiysZHjVMf3GglknwrZwesztjsy0JMPQ:uCHOJyywdPWZqtyZGCZwecFLX9eoSfF

Entry address:
0xFED60

Entry point:
60, BE, 00, 60, 4A, 00, 8D, BE, 00, B0, F5, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 50, C0, 0F, 00, 57, 83, C3, 04, 53, 68, 50, 8D, 05, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 00, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9243  (probably packed)

Code size:
360 KB (368,640 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
uTorrent

Command:
"C:\Program Files\utorrent\utorrent.exe"


Windows Firewall Allowed Program
Name:
C:\Program Files\uTorrent\uTorrent.exe


The file uTorrent.exe has been discovered within the following programs.

µTorrent  by BitTorrent Inc.
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.
www.utorrent.com
12% remove it
Bonjour  by Apple Inc.
Bonjour Service provides a general method to discover services on a local area network. The software is widely used throughout Mac OS and Windows for iOS devices, and allows users to set up a network without any configuration. It is used to find printers and file-sharing servers.
www.apple.com/support/bonjour
6% remove it
 
Powered by Should I Remove It?

The file uTorrent.exe has been seen being distributed by the following 9 URLs.

http://blogattach.naver.net/b92ca51600323384a3482c132ec6bdc16231cb83/20121127_25_blogfile/.../utorrent.exe

http://static.tcafeh.com/utorrent_uTorrent_v2.2.0_build_24683_ByTcafe.exe

http://static.tcafe2.com/utorrent_uTorrent_v2.2.0_build_24683_ByTcafe.exe

http://dl2.f1cd.ru/d/.../utorrent.exe

http://static.tcafemm.com/utorrent_uTorrent_v2.2.0_build_24683_ByTcafe.exe

http://static.tcafeaa.com/utorrent_uTorrent_v2.2.0_build_24683_ByTcafe.exe

http://static.tcafex.com/utorrent_uTorrent_v2.2.0_build_24683_ByTcafe.exe

http://o-soft.ru/.../download.php?id=5

http://download.utorrent.com/.../utorrent.exe

Scan uTorrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.