utorrent_3-4-2-build-38913.exe

µTorrent

BitTorrent Inc.

The application utorrent_3-4-2-build-38913.exe has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a setup program used to install the application. It uses the OpenCandy monetization platform, which will download and install offers during setup for potentially unwanted software, including ad/search-supported toolbars. The file has been seen being downloaded from utorrent.ru.softonic.com.
Publisher:
BitTorrent Inc.

Product:
µTorrent

Version:
3.4.2.38913

MD5:
6c34365dd6b5711e20e884aa2aa643bf

SHA-1:
70c725fada7f073f8e02b786af5d22f8575fb472

SHA-256:
b928d9f9f341ffd5f3f10d1d351412bf72c46b63c81fed8f4712a54beb68f228

Scanner detections:
6 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/24/2024 11:33:34 AM UTC

Scan engine | Detection | Engine version
AVG | OpenCandy.C | 2016.0.2922
Clam AntiVirus | Win.Adware.Softpulse-223 | 0.98/21062
Fortinet FortiGate | Riskware/OpenCandy | 11/17/2015
G Data | Win32.Application.OpenCandy | 15.11.25
IKARUS anti.virus | PUA.OpenCandy | t3scan.1.9.5.0
Reason Heuristics | PUP.OpenCandy (M) | 16.12.8.2

File size:
1.6 MB (1,691,607 bytes)

Product version:
3.4.2.38913

Copyright:
©2015 BitTorrent, Inc. All Rights Reserved.

Original file name:
uTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
2/20/2015 4:19:24 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:nstU4NupZf16eM4h2F8yvYNj83ee2qldvksY4xQZSWGdj7FzTwkloqOG+K7jHxU8:RZd/M4MvYxCee9lRQAWGdFkj07L7SAvH

Entry address:
0x3BC0B0

Entry point:
60, BE, 00, E0, 67, 00, 8D, BE, 00, 30, D8, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 67, AA, 3B, 00, 57, 83, C3, 04, 53, 68, AA, E0, 13, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...

Code size:
1.2 MB (1,306,624 bytes)

The file utorrent_3-4-2-build-38913.exe has been seen being distributed by the following URL.
