home

utt91d0.tmp.exe

BitTorrent

BitTorrent Inc

This is a setup program which is used to install the application. This is installed with BitTorrent. The file has been seen being downloaded from dc455.4shared.com and multiple other hosts.
Publisher:
BitTorrent, Inc.  (signed by BitTorrent Inc)

Product:
BitTorrent

Version:
7.6.1.27456

MD5:
e4503303c1659788a0eea2a519e43496

SHA-1:
34b57bf5e95ab9991b2aecc4c502944a75c0635c

SHA-256:
294252d92b0eb414a1b0de77c780d68abe2e6a217a6452919820c17bcb12f7a4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:34:27 AM UTC  (today)

File size:
5.8 MB (6,078,360 bytes)

Product version:
7.6.1.27456

Copyright:
©2012 BitTorrent, Inc. All Rights Reserved.

Original file name:
BitTorrent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\utt91d0.tmp.exe

Digital Signature
Signed by:
BitTorrent Inc

Authority:
VeriSign, Inc.

Valid from:
6/21/2010 1:00:00 AM

Valid to:
7/27/2013 12:59:59 AM

Subject:
CN=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=BitTorrent Inc, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36BC30562A650AFAA5AD101ECD643AB4

File PE Metadata
Compilation timestamp:
6/20/2012 1:20:18 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:q9MDW5fPwmVVsmhrIAWEJWqhytZyaYJWysMw/j8YsX2fKX/YBugaFe0:4ZxZPrIiMrsW/Mum2yX/OkFb

Entry address:
0x4F1F30

Entry point:
60, BE, 00, A0, 85, 00, 8D, BE, 00, 70, BA, FF, 57, 89, E5, 8D, 9C, 24, 80, F1, FC, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 94, F3, 4E, 00, 57, 83, C3, 04, 53, 68, 27, 7F, 09, 00, 56, 83, C3, 04, 53, 50, C7, 03, 07, 00, 04, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9977  (probably packed)

Code size:
612 KB (626,688 bytes)

The file utt91d0.tmp.exe has been discovered within the following program.

BitTorrent  by BitTorrent Inc.
BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.
www.bittorrent.com
7% remove it
 
Powered by Should I Remove It?

The file utt91d0.tmp.exe has been seen being distributed by the following 4 URLs.

http://dc455.4shared.com/download/.../BitTorrent_761.exe

http://download.bittorrent.com/.../BitTorrent.exe

http://dc671.4shared.com/download/.../BitTorrent_761.exe

http://freecache23-free.kaora-cdn.uloz.to/Ps;Hs;fid=19235178;cid=463103033;rid=127845820;up=0;uip=81.201.48.28;tm=1396712242;ut=f;aff=uloz.to;did=uloz-to;He;ch=3326ba3eb6382a4c66e6dd97db8239d5;Pe/.../bittorrent-v7-6-1.exe

Scan utt91d0.tmp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.