home

utt2e1a.tmp.exe

BitTorrent

BitTorrent Inc

This is a setup program which is used to install the application. This is installed with BitTorrent. The file has been seen being downloaded from download1072.mediafire.com and multiple other hosts.
Publisher:
BitTorrent, Inc.  (signed by BitTorrent Inc)

Product:
BitTorrent

Version:
7.7.0.27987

MD5:
75e8a30fa3460f9596b0f4c9f8051c09

SHA-1:
3d48657165ea599fbe3ee9e615c32b722af9285a

SHA-256:
8bc7720ae156a741de566fac8672ee8223c77c9ad1898654a61c9df381efac7e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 2:40:45 AM UTC  (today)

File size:
1.3 MB (1,398,680 bytes)

Product version:
7.7.0.27987

Copyright:
©2012 BitTorrent, Inc. All Rights Reserved.

Original file name:
BitTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\utt2e1a.tmp.exe

Digital Signature
Signed by:
BitTorrent Inc

Authority:
VeriSign, Inc.

Valid from:
6/20/2010 6:00:00 PM

Valid to:
7/26/2013 5:59:59 PM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36BC30562A650AFAA5AD101ECD643AB4

File PE Metadata
Compilation timestamp:
9/20/2012 3:47:14 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:z+2RXvNDXDLU+JyxAdkO8syl7UDD6+K7jHxUuzXSAaEVjjyGweVl8zN/ME1:z+OfNDTLUe6+LyNUvS7L7SAvwhpRB1

Entry address:
0x515EA0

Entry point:
60, BE, 00, C0, 86, 00, 8D, BE, 00, 50, B9, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 2F, 35, 51, 00, 57, 83, C3, 04, 53, 68, 90, 9E, 0A, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9380  (probably packed)

Code size:
684 KB (700,416 bytes)

The file utt2e1a.tmp.exe has been discovered within the following programs.

µTorrent  by BitTorrent Inc.
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.
www.utorrent.com
12% remove it
BitTorrent  by BitTorrent Inc.
BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.
www.bittorrent.com
7% remove it
QuickTime  by Apple Inc.
QuickTime is an extensible multimedia framework capable of handling various formats of digital video, picture, sound, panoramic images, and interactivity.
www.apple.com/quicktime
6% remove it
 
Powered by Should I Remove It?

The file utt2e1a.tmp.exe has been seen being distributed by the following 9 URLs.

http://download1072.mediafire.com/ap9lgae7a1kg/.../BitTorrent.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ2NjQ5MjM4NTtzOjI6ImlkIjtpOjExODEyO3M6NDoiZmlsZSI7czo0MzoiYml0dG9ycmVudC03LTctMC1idWlsZC0yNzk4Ny1CaXRUb3JyZW50LmV4ZSI7czozOiJ1cmwiO3M6NjI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9iaXR0b3JyZW50LTctNy0wLWJ1aWxkLTI3OTg3IjtzOjQ6InBhc3MiO3M6MzI6IjQ0MTM2NWJiNGFiYzZiZDc3MzM5M2JhNGMzNmI2YzdmIjt9

http://filehippo.com/download/file/.../

http://www.bigspeedpro.com/software_files/bittorrent/.../BitTorrent.exe

http://download-new.utorrent.com/endpoint/bittorrent/os/windows/track/.../

http://download1956.mediafire.com/n2ocs2uukskg/.../BitTorrent.exe

http://download.bittorrent.com/.../BitTorrent.exe

http://download.bittorrent.com/.../BitTorrent.exe

http://download.bittorrent.com/.../BitTorrent.exe

Scan utt2e1a.tmp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.